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TATTLETALES 


Microsoft is rewarding PC builders that snitch 
on users who order Windows-less boxes. Page 16 


WHO'S THE BOSS? 


MIT futurist Michael L. Dertouzos (left) calls for making comput- 
ers serve humans, rather than the other way around. Page 60 


UNDERHYPED 


Users say one wireless service is 
twice as fast as promised. Page 8 
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TELECOMMUTING 
UNDER SCRUTINY 


Health care privacy 


regs force policy review | 


BY JULEKHA DASH 


To comply with government | 


regulations, health care organi- 
zations aren’t just overhauling 
their operations. They’re 
reviewing their telecommuting 
policies. 

The privacy 
Health Insurance 
and Accountability 
which health 
tions must comply by April 
2003, states that unauthorized 
persons can’t have access to 
private medical data. That has 
prompted several health orga- 
nizations to review their tele- 
commuting policies to prevent 
off-site privacy breaches. 

“At work, you can make sure 


also 


rules of 
Portability 
Act, 
care 


| less they’re 


the | 


with | 
organiza- | 





| people don’t enter a facility un- | 
authorized, but at | 
said Jim | 


home, it’s different,” 
Hudack, CEO of UnitedHealth 


Group Inc.’s technologies divi- | 
| sion in Minnetonka, Minn. 


Although Hudack 


home.” 


Telecommuting, page 14 | 


Under Wraps 


Health care organizations can 
protect private information 
used by telecommuters by: 

> Improving security measures 
for home devices, with encryption, | 
PKI or biometric ID devices | 
> Encouraging employees to work 
ina separate home office, rather i 
than in the living room or bedroom i 
> Taking immediate disciplinary 
action for privacy breaches 


MANAGING THE 


THE NEED FOR UP-TO-DATE VIRUS 
protection is greater than ever, but it’s a big 
headache to update the hodgepodge of 
antivirus software from multiple vendors 
on hundreds of machines. IT security man- 
agers say there’s got to be a better way. 
Story begins on page 66. 
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doesn’t | 
think HIPAA will force Unit- | 
edHealth to ban telecommut- | 
| ing altogether, he said the com- 
pany has to “be careful about | 
| what we let people work on at 


| to catching 
| bare 


| one of Microsoft’s 


| know it’s been confusing.” 


| Inc. 





BY CAROL SLIWA 


| LOS ANGELE 


Getting a firm grasp on the | 
.Net initiative that Microsoft | 
Corp. launched more than 10 
months ago might be likened | 
a fish with one’s | 
hands. Even 
top executives, Jim 
Allchin, publicly 
acknowledged last week, 
The result? Many IT profes- 
sionals at last week’s Gartner | 
conference, Windows | 
2000 and Beyond, said they | 
haven’t been seriously think- 


a 


Development platform focused on Web 
services still confuses customers 


| ing about or making plans for 


the .Net world that Microsoft 
has been promoting. Allchin 
spoke at the conference about 
his company’s new Web ser- 
vice-focused development plat- 
form strategy. 

“From a business 
perspective, I need 
justification, ROI, 
before I buy some- 


thing different,” said Joe 


| Drozynski, an IT project man- 


ager at Capital Blue Cross in 
Harrisburg, Pa. “.Net is 
sion, and I don’t see it as some- 
thing I can take to my CIO.” 
Calling .Net “total vapor- 


| centrate 


} Curement 


5eNO 


ware,” a Windows NT project 
leader and manager at a Mid- 
western publishing firm said, “I 
know it’s how they plan to bring 
everything together. It 
sounds too huge to ever work.” 

“T think I’m 
everybody 


just 


as confused as 


else is right now. 


[.Net] seems to be a moving 
target,” said Dennis Lionberger, 
chief of architecture for Marin 
County, Calif. “Right now, 
not well defined enough to 
mean much to me. I’m not sure 
Microsoft is sure what it will 

-Net Plans, page 16 


it’s 


-ARIBA T0 FOCUS 


a vi- | 


ON 5 INDUSTRIES 


Targets include auto, 
finance, new CEO says 


| BY MICHAEL MEEHAN 


AND LEE COPELAND GLADWIN 


Ariba Inc., sporting a fresh CEO 
after a bad quarter, announced 
at its annual user conference 


| here last week that it will con- 


its development ef- 
forts in five vertical industries, 
even though some users in 


| those fields have already cho- 
| sen competing vendors. 


The market-leading e-pro- 
software company 
has targeted financial services, 
automotive, pharmaceutical, 
high-tech and consumer pack- 
aged-goods firms. CEO Larry 
Mueller said he believes that 
customers’ allegiance is up for 


| grabs and that they will switch 


to technologies that can deliv- 


= | erasolid return on investment 


But customers were skepti- 


=| cal that Mountain View, Calif.- 


PHILL BAKKER, senior security architect at eHealthDirect, wishes 
there were a “common console” for managing antivirus updates. 


| based Ariba could obtain the 


critical mass it seeks. The mar- 
ket for purveyors 
Ariba, page 


of online 





WE DIDN’T JUST JUMP ON THE 
INFRASTRUCTURE BANDWAGON. 





WE BUILT IT. 





IT’S TIME TO SET THE RECORD STRAIGHT. 


LONG BEFORE OUR COMPETITORS EVEN ADDED THE WORD “INFRASTRUCTURE” 
TO THEIR VOCABULARY, WE WERE BUSY CREATING IT. SINCE WE FIRST LAUNCHED 
UNICENTER? IT HAS BECOME THE DE FACTO GLOBAL STANDARD FOR MANAGING 
ALL eBUSINESS INFRASTRUCTURE. BUT WE DIDN‘T STOP THERE—WE’RE ALSO 
THE WORLD LEADER IN SECURITY AND STORAGE SOFTWARE. EVERY DAY, OUR 
SOFTWARE HANDLES OVER 180 MILLION TRANSACTIONS, PROTECTS $50 BILLION 
IN WIRE TRANSFERS AND STORES 40 MILLION SECURITY EXCHANGES. EXPERTISE 
DOESN’‘T HAPPEN OVERNIGHT. IT’S TAKEN 25 YEARS OF HARD WORK AND 
LEADERSHIP TO GET TO BE THE BEST. SO WHEN WE SAY YOU CAN TRUST EVERY 
ONE OF OUR 18,000 EMPLOYEES AROUND THE WORLD TO DELIVER THE SOFTWARE 


AND SERVICE THAT YOUR eBUSINESS’ SUCCESS DEPENDS ON, WE REALLY MEAN IT. 


a 


Computer Associates™ 
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SECURITY PRO 


The role of the security profes- 
sional is evolving from a back- 
office support function to one 
that’s strategically tied to the 
entire company. Chuck Ryan 
typifies the IT pro needed in this 
new role, combining business 
and communications skills with 
strong technology experience. 
Page 69 


BALANCING ACTS 


Long hours and frequent travel can be facts of life for IT consultants. 
But John Goodhue chose the independent consultant's lifestyle to gain 
control over his schedule and to spend quality time with his family. 


Page 49 
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TECHNOLOGY 


NEWS 


SERIOUS SECURITY FLAW 


in Microsoft’s Internet Informa- 


tion Services 5.0 leaves Windows 


2000 vulnerable to a devastating 
attack. 


COMPAQ JOINS HP in drop- 


ping out as a reseller of Unisys’ 
32-processor servers, raising 
questions about the market’s 
readiness for the big boxes. 


STANDARDS FOR structure 


and content of XML-based docu- 
ments are approved by the 
World Wide Web Consortium. 


A YELLOW PAGES-STYLE 


business-to-business directory is 
launched by major vendors, but 
few end users have signed on. 


SATELLITE AND WIRELESS 


communications systems trans- 
form a grocery store delivery 
fleet into mobile information 
centers. 


IP TELEPHONY is finally be- 


coming a reality for some corpo- 
rate users after years of hype. 


ANTITRUST LAW ensures that 


high-tech business remains com- 
petitive, the man nominated to 
lead the Justice Department’s 
antitrust division tells Congress. 


COMPLEX REGULATIONS in 
the health care industry force IT 
managers to handle relation- 

ships with consultants carefully. 


MORE 

Editorial Letters ... 24,25, 32 
How to Contact CW 

Shark ‘lank 

Company Index 


BUSINESS 


38 DOT-COM REFUGEES race 


back to traditional companies, 
but are they worth hiring? 


39 ONLINE INSURANCE gains 


steam in the banking industry as 


Web-specific risks grow. 
WORKSTYLES 
BLUELIGHT.COM has been in 
high gear since Kmart launched 
its new ad blitz. 


HIPAA PREPARATIONS are 


well under way at health care 
companies, but there’s still a 
long way to go. 


MEASURING BUSINESS and 


IT alignment is possible, thanks 
to anew methodology. 


TRAINING EXECUTIVES 
overseas is a challenge, but it 
can be critical to the success 
of global IT projects. 
QUICKSTUDY 


INVENTORY TURNS, or the 


speed with which companies un- 


load inventory, can have a major 
impact on the bottom line. 


SMO RIP ita PNOIMGS BiAER IRL ae 


24 MARYFRAN JOHNSON 


writes that Microsoft must 
work with other companies to 
help ensure the security of 
their customers’ data. 


PIMM FOX sees B2B success 


stories at private exchanges. 


LENNY LIEBMANN offers a 


simple way to understand B2B: 


96 


60 


62 


TR NARI 


28 


28 


42 


FIXED WIRELESS services 
provide a cheap alternative to 
Digital Subscriber Lines and T1 
lines for some companies. 


SECURITY JOURNAL 


AN ELUSIVE VIRUS forces 
security manager Mathias Thur- 
man to play it safe — and annoy 
the affected user — by wiping 
the system clean. 


FUTURE WATCH 


COMPLETE THE « Somputer 


Revolution by making machines 
serve people, says MIT comput- 
er guru Michael L. Dertouzos. 


BUYING PCs for the enterprise 


forces IT managers to focus on 
stable configurations, reliable 
support and long-term business 
relationships. 


EMERGING COMPANIES 


DATACERT’S WEB-BASED 


ShareDoc/Legal billing system 
facilitates transactions between 
corporate legal departments and 
outside law firms. And it’s inte- 
grated with many legal manage- 
ment systems. 


LYSE ROTEL UAT PSR PLITLEREIS EE 


Think of it in terms of personal 
relationships. 


JOHN GANTZ balances some 


economic data with insights 
into IT spending. 


BILL LABERIS notes that 
Nothing in IT happens as fast 
as the pundits claim it will. But 
eventually, it does. 


PAUL A. STRASSMANN 


examines what happened be- 


www.computerworl 


ONLINE 


“Tis the season to upsell? With a lot of 
IRS refund checks heading to con 
sumers’ accounts, this might be the 
time for banks to use customer rela 
tionship management to upsell, 
cross-sell and sell new products 
according to Jim Goldfinger, a senior 
vice president and general manager 
at Boston-based Xchange Inc.’s Cus 
tomer Value Management business 
unit, in our E-Commerce Community 
www.computerworld.com 
ecommerce 


Could you conduct a 
self-assessment of your 

security capabilities? 

Sheri Horseman (right), 

a senior security ana 

lyst at Dayton, Ohio 

based SafeCorp, walks 

you through the steps vou need to 
take to audit your company’s security 
measures in the Security Community 
www.computerworld.comecurity 


For the latest news about security, as 
well as features, analyses, Web re 
sources and discussion forums, head 
to our Security Resource Center at 
www.computerworld.com 
securitycenter 


fore and after J.P. Morgan 
outsourced its IT operations 
in 1996. 


JOE AUER urges IT: Be wary 
when you're about to agree t 
an “annual revenue commit 
ment” to a vendor. 


FRANK HAYES says that for 


banks to convince customers 
to share their private data, 
they'll have to show them 
some real benefits 





XML Group to Create 
Voting System Specs 


The Organization for the Advance- 
ment of Structured Information 
Standards (OASIS) announced last 
week that it has formed a commit- 
tee to develop a specialized XML 
standard aimed at improving the 
accuracy and efficiency of elec- 
tions. Billerica, Mass.-based OASIS 
said the new technical committee 
will work to develop an Election 
Markup Language (EML) based on 
XML technology. The EML proposai 
would include specifications for 
exchanging data between election 
and voter registration systems 
developed by different hardware, 
software and IT services vendors. 


Congress Pushes 
For a Federal CI0 


A bill introduced in the U.S. Senate 
last week would require the ap- 
pointment of a federal CIO to over- 
see the government's $44 billion IT 
operation. Sponsored by Sens. Joe 
Lieberman (D-Conn.) and Conrad 
Burns (R-Mont.), the legislation 
has 10 co-sponsors. A similar push 
for a federal CIO is expected in the 
House of Representatives. The 
White House is planning to add 
federal CIO duties to the yet-to-be 
appointed deputy director of the 
Office of Management and Budget. 


Short Takes 


The U.S. DEPARTMENT OF COM 
MERCE said it’s creating a privacy 
adviser position to monitor compli- 
ance with the data privacy policies 
posted on its Web sites. A spokes- 
man said the adviser will be respon- 
sible for ensuring “that we're not 
dropping cookies or Web bugs or 
doing things that people might con- 
sider a violation of their privacy.” 
... NETWORK ICE CORP., a San 
Mateo, Calif.-based maker of desk- 
top intrusion-detection systems 
popular among home and small- 
office users, has agreed to be pur- 
chased by Atlanta-based security 
vendor INTERNET SECURITY SYS- 
TEMS INC. (ISS) for 4.3 million 
shares of ISS stock and $300,000 
to cover options. . . . Denver-based 
business applications vendor J.D. 
EDWARDS & CO. said 8% of its 
employees have been laid off as 
part of a “revitalization” effort. 


Compaq Discontinues 
Large Unisys Server 


NEWS 


Move raises questions about market for 
32-processor Intel boxes, analysts say 


BY JAIKUMAR VIJAYAN 
OMPAQ Computer 
Corp.'s decision 
to stop reselling 
Unisys Corp.'s 32- 
processor ES7000 
server, a month after Hewlett- 
Packard Co. said it was doing 
the same, raises questions 
about the commercial market's 
readiness for highly scalable In 
tel Corp. servers, analysts said 

But executives from Unisys 
insisted that there is a growing 
demand for such scalability in 
the Intel space and said they 
would continue to vigorously 
push the system, which the 
company is positioning as the 
most scalable server for Win- 
dows 2000 Datacenter. 

“We are skating to where the 
puck is going,” said Peter Sam- 
son, a general manger at Blue 
Bell, Pa.-based Unisys. 
the 


is based on a 


Launched last 
ES7000 server 
proprietary Unisys technology 
called Cellular 
ing (CMP) that, among other 


things, allows users to parti- 


year, 


MultiProcess- 


tion a single 32-processor Intel 
server into multiple, smaller 
boxes. Unisys has been posi- 
the Windows 2000 


Datacenter servers as a cheap- 


tioning 


er and more powerful option to 
Unix servers for tasks such as 
server consolidation and data- 
base hosting. 

Unisys has signed up com- 
panies such as Dell Computer 
Corp., Japan’s Hitachi Ltd. and 
England’s ICL, in addition to 
Compaq and HP, to resell the 
ES7000. Last week though, 
backed the 
agreement, saying it wanted to 


Compaq out of 


focus instead on selling its own 
eight-processor ProLiant serv- 


ers, which account for 95% of 


high-end server sales, accord- 
ing to the company. 

That statistic, combined 
with the softening economy, 
caused Compag to re-evaluate 
its options, said Tim Golden a 
company spokesman. 


A month ago HP 


dropped its agreement with | 
' Unisys because comparable 


also | 


technology being developed 
internally at HP was coming 
along faster than expected, ac- 
cording to Gary Erickson, an 
HP product manager. 

The defections by the two 
companies aren’t very surpris- 
ing, given the current softness 


in the economy and the lack of 


overall user readiness for tech- 
nologies such as these, said 
Joyce Becknell an analyst at 
Aberdeen Group Inc in Boston. 

“Not many people are ready 
to scale to 32-processor Intel 
servers just yet,” Becknell said. 
For one thing, the Windows 
and Win 


are 


operating system 


dows-based applications 


Microsoft Warns of Windows 2000 Hole 


BY SAM COSTELLO AND 
JENNIFER DISABATINO 
Microsoft Corp. disclosed last 
week that an “extremely serious” 
flaw in an extension included in 
Windows 2000 could allow a 
malicious hacker to gain complete 
ccsitrol of any computer running 
the Internet Information Services 
(IIS) 5.0 software built into that 
operating system 

The software vendor “strongly” 
urged all IIS 5.0 users to install a 
patch, available online (see chart), 
that’s supposed to fix the problem. 
There are no reports that the flaw 
has been exploited yet. 

Scott Culp, a program manager 
at Microsoft's security response 
center, said it's “imperative” that 
anyone running IIS 5.0 apply the 
patch. The hole is especially seri- 
ous because it could enable an 
attacker to run code that would 
give him complete control of Win- 
dows 2000 on a vulnerable server 

“There is literally nothing [an 
attacker] could not do,” Culp said. 

Microsoft said the vulnerability 
is caused by an unchecked buffer 
in an extension that provides 
native support for Internet printing 
capabilities within Windows 2000. 

Culp said the hole will affect 
only those users who have explicit- 


still untested in 


large-scale enterprise environ- 


relatively 


ments, she said 
Another that the 


concept of partitioning — a 


issue is 


been 
and 
Unix worlds is still new in 
the commercial Intel 
space and may take more time 


that’s 
the 


technique long 


used in mainframe 


server 


to gain wider acceptance, said 
James Garden, an analyst at 
Technology Business Research 
Inc. in Hampton, N.H. As a re- 
sult, most users are likely to 
first turn to four 


way Intel servers before look- 


and eight- 


ing to larger boxes, Becknell 
said. 

But some users who are al- 
ready using the ES7000 say it 
offers a great platform for 
consolidating workloads from 
multiple smaller Intel servers. 


ly turned on IIS 5.0 and the Internet 
Printing Protocol feature offered as 
part of Windows 2000. The prob- 
lematic extension that implements 
the protocol is installed by default 
on all Windows 2000-based 
servers, but it can be accessed 
only via IIS 5.0. 

The hole was first reported to 
Microsoft 10 days ago by eEye 
Digital Security, an Aliso Viejo, 
Calif.-based security software 
vendor that has posted its own 
advisory about the vulnerability 


Fixing the Flaw 


WHO WILL BE AFFECTED 


Users who have 
explicitly turned on 
IIS 5.0 and the Inter- 
net Printing Protocol 
feature offered as part 
of Windows 2000 


Act quickly. All IIS 5.0 
users are advised to 
install a new patch 
Microsoft has made 
available. Go to www. 
microsoft.com/technet/ 
security/bulletin/MS010 
23.asp 
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“This architecture is exactly 
what I had in mind,” for run- 
ning core applications, said 
Ray Pedden, 
president at Health eConnex, a 
Park Ridge, Ill.-based applica- 
tion service provider for the 
health care market. The com- 


executive vice 


pany 
ES7000 to run a core transac- 
tion 


uses a_ 16-processor 


processing application 
that would have otherwise re- 
quired “a whole server farm to 
accomplish,” he said. 

The 60,000-student Santa 
Ana Unified School District in 


| California has split a 16-proces- 


sor ES7000 into two eight- 
one for 
running student applications, 
the other for financial appli- 
cations, said Paul Bewley, the 
district’s director of IT. The 
applications were migrated off 
an older proprietary Unisys 
platform. “We wanted some- 
thing that was bigger, faster and 


processor halves — 


cheaper,” Bewley said. B 


Linda Rosencrance contributed 
to this report. 


According to that advisory, a 
filter on Microsoft's Internet Server 
application programming interface 


| extension that controls the Internet 
| printing commands “does not 

| do proper ‘bounds checking’ on 

| user-inputted buffers.” That makes 
| the server susceptible to buffer 

| overflow attacks that could give 

| hackers the keys they need to gain 
system-level access to servers. 


Once that's accomplished, 


| Maiffret said, an attacker could 
| view all of the files on a penetrated 


server and execute any command. 
While the hole itself is some- 


| what obscure, security analysts 
| said ways to exploit it are sure 


to be developed and shared 
among would-be attackers. Marc 
Maiffret, chief hacking officer at 


| eEye, said it is posting “a proof- 


of-concept exploit that can’t be 
used maliciously.” 

As aresult, systems administra- 
tors need to act quickly to ensure 
that their corporate servers don't 
get attacked, Maiffret said. 

“As soon as somebody learns 
about [the hole], they need to in- 
stall the patch,” he advised. “They 
shouldn't wait an hour or a day.” 

Microsoft has posted 18 security 
bulletins for IIS 5.0 since January 
of last year 
Costello is a reporter for the 
IDG News Service. 
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NEWS 


Web Group Adopts Specification for XML Definitions 


Aims to broaden, unify data interchange 


BY STEPHEN LAWSON 
The World Wide Web Consor 
tium last week announced at a 
conference that it had formally 
approved a recommended 
specification for defining the 
structure and content of XML- 
based business documents. 
The that 
consortium members have re- 
viewed the XML Schema spec- 


decision means 


ification and deemed it stable. 

The specification defines 
how programmers should de- 
scribe data types and docu- 
ments based on XMI 
ogy, which can put identifying 
tags on any piece of content on 


the Web. Potential corporate 


technol- 


uses include business-to-busi- 
ness transactions that involve 
multiple systems such as pur- 
chase orders and invoices. 


Launch B2B 


IBM, Microsoft 
Directory; Response Slow 


Even some founding 
members have yet to 
register Web services 


BY LEE COPELAND GLADWIN 
IBM Microsoft Corp. 
haven't yet been able to drum 
up much end-user interest in 
the Yellow Pages-style directo- 
ry they launched last week, 
and that’s critical to the suc- 
cess of both vendors’ technol- 
ogy road map. 

Only a 


and 


dozen or so user 


firms are among the group of 


about 260 companies, mostly 
that have publicly 
pledged to register services in 
the Universal Description, 
Discovery and _ Integration 
(UDDI directory. And those 
few end-user supporters aren’t 
on the same page regarding the 
directory’s value. 

“We haven't decided whether 
we'll publish our Web services,” 
Patrick Gutmann, busi- 
ness-to-business e-commerce 
officer at ABN Amro Bank, a 
division of ABN Amro Holding 
NV. Gutmann said the $44 bil- 
lion Amsterdam-based finan- 
cial services company hasn’t 
yet defined how it will use the 
directory, but he joined the 
UDDI community to get in on 
the ground floor in setting stan- 
dards and shaping the registry. 

Wayzata, Minn.-based Cargill 
Inc., a $47 billion agricultural 
giant, and New York-based 
American Express Co., a $24 


vendors, 


said 


billion credit kingpin, are both 
among the founding members 
of UDDI. But neither firm 
would discuss its plans to use 
the directory, nor have they 
registered services. 

Ted Schadler, an analyst at 
Forrester Research Inc. in 
Cambridge, Mass., said there’s 
still time for IBM and Mi- 
crosoft to drum up end-user 
support for UDDI. 

“UDDI is not a must-do or 
die in 2001,” said Schadler. 
“Companies need to look at this 
because it’s the most cost-effec- 
tive way to make applications 
and services available over the 


Win 2002 


Name Game 


Confuses 


Microsoft exec hints at | 
change for server OS | 


| BY CAROL SLIWA 


Microsoft Corp. last week 


| dubbed its upcoming server 


operating system Windows 


| 2002 — and, in doing so, ap- 


peared to admit that the prod- 
uct won’t meet its originally 
targeted 2001 release date. 

Or did it? 

Speaking at a Windows con- 
ference sponsored by Stam- 


| 
| 
| 


In the absence of a standard, 


various technology vendors 


and vertical industry groups 
have devised their own Docu- 
ment Type Definitions (DTD) 
for exchanging XML-based 
data. The XMI 


specification is in- 


business 
Schema 
tended to replace those DTDs. 

Attendees at the 10th Inter- 
World Wide Web 
Consortium conference here 
applauded the approval. 

Amit Singal, a 
search scientist at Web search 


national 


senior re 


Web, and there will be tremen- 
dous tools and infrastructure 
support from the vendors.” 

Smaller end-user companies 
also voiced skepticism about 
the necessity of sharing infor- 
mation about Web services in a 
public directory. 

“If we design a Web service, 
it’s nothing that we’re going to 
want to open up and allow our 
competitors to get a hold of,” 
said Rob Kogan, vice president 
of MIS at Nautilus Insurance 
Co., a general liability and prop- 
erty insurance firm in Scotts- 
dale, Ariz. “We're very closed 
about our technology and will 
be in the future because tech- 
nology is a key differentiator in 
our market segment.” 

Publishing Web services in 
UDDI makes sense for only the 
biggest companies that domi- 
nate their marketplaces, said 


ford, Conn.-based Gartner Inc., 
Microsoft group vice president 
Jim Allchin hinted that the 
name isn’t set in stone. 

Asked about the Windows 
2002 name, Allchin laughed 
and said, “We have a little work 
to do on naming. Let me just 
stop there.” 

He said there would be an- 
other meeting on the naming 
issue. “The fat lady hasn’t sung 
yet,” he said, noting that the 
client version of the upcoming 
operating system, formerly 
code-named Whistler, will def- 
initely remain Windows XP. 

“I wouldn’t be surprised if 
the name changes again,” said 
Gartner analyst David Smith. 
“If [Allchin] has anything to 
say about it, it sounds like it’s 


going to be something else.” 


The Windows XP client is 
due to be released to manufac- 


engine developer Google Inc. 
in Mountain View, Calif., said 
the new specification should 
help rein in the multiple ways 
of defining XML content and 
make the definitions used by 
firms “It’s 
going to make all kinds of data 
interchange possible that’s not 


more consistent. 


possible today,” Singal said. 


The specification “is just 
way more powerful” than a 
DTD, Stefan Edlund, a 


software designer at IBM’s Al- 


said 


maden Research Center in San 


Jose. “It allows 
expressive in th 
scribe your do 

But another 
tioned that the appro 
in the 


putting the specification 


one step in 
actual ‘ 

“It’s a milestone, yes, but [the 
XML Schem: 
have a lot o 


is still going to 
; ” said Soumer 
Chakrabarti, an 


fessor in the computer science 


assistant pro- 


and engineering department at 


the Indian Institute of Technol 


ogy in Mumbai, India. D 


Lawson writes for the IDG 


News Service. 


The Terminology 


UDDI: A Web-based B2B directory where companies can 
list contact information, descriptions and unique identifiers 
for the Web services they offer. 


Simple Object Access Protocol: A protocol that 
allows remote procedure calls and Web services to ferry 
past firewalls using HTTP as its transport mechanism. 


XML: A standard used to describe the data that gets 


transmitted in Web services. 


ebXML: A standard that sets the terms and conditions for 


the use of e-business services. 


Jim Miller, chief technology of- 
ficer at Creditex, a New York- 
based seller of derivatives to 
large investment banks, such 
as J.P. Morgan Chase & Co. and 
Credit Suisse First Boston. 
“Comparatively, we’re a small 
fish,” Miller said. “The big fish 
will say, ‘Here’s the defined 


turing in July, with the server 
operating system to follow in 
three to six months, company 
officials have said. 

Microsoft group product 
manager Bob O’Brien 
there’s a “high probability that 
we're going to miss” the origi- 
nally stated 2001 release date 
for the server operating sys- 
tem. “January is not improba- 
ble” for its release to manufac- 
turing, he said. 

Once a product is released to 
manufacturing, it takes about 
eight weeks “in the best sce- 
nario” to work its way into the 
retail channels, O’Brien said. 

That means that the Win- 
dows 2002 server version may 
not reach customers until 
March, O’Brien said. 

“In all honesty, we thought 
we were doing the right thing,” 
naming the product Windows 


said 


service. If you want to play 
with us, you have to match up.’’ 

But the outlook for UDDI is 
by no means bleak. 

The Boeing Co., for example, 
also plans to support UDDI, 
though the Seattle-based aero 
space firm hasn’t determined 
what services to publish. B 


2002, O’Brien said. “It 


going to be close to the end of 


was 


the year.” 

O’Brien said his company is 
cognizant of the fact that, as the 
product release pushes close to 
the first quarter, “that’s when 
IT does their budget planning.” 

“If we’re going to be in the 
enterprise, we have to under- 
stand that’s what 
face,” O’Brien said. 

Analysts, 


customers 
however, have 
said a month or two delay for 
the server operating system 
shouldn’t affect corporate 
customers too adversely, since 
most are still dealing with up- 
grades to the previous Win 
dows 2000 operating system. D 
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‘Trucker McLane Rolls Out 
Wireless Vehicle System 


Allows paperless 


BY BOB BREWIN 

LANE CO. has 
unveiled plans 
to install mo- 
bile comput- 
ers with satel- 
lite and wireless communica- 
tions systems in 1,050 trucks in 
its grocery-store delivery fleet, 
transforming the vehicles into 
mobile information centers 
tied into the company’s back- 

end systems. 
Dave Dillon, 
transportation at Temple, 


Texas-based McLane, said the 


project, announced last week, 
will cost between $10 million 
ind $20 million, with a pay- 
back on investment expected 
within two years. 

Dillon said 
munications system, developed 
by Symbol Technologies Inc. in 
Holtsville, N 
nentially greater functionality” 


the mobile com- 


Y., provides “expo- 


manager of 


s invoicing, delivery 


than the 


tracking systems typically used 


wireless package- 


by delivery companies. 


Wireless LAN Hits the Road 


The cab of a McLane truck is equipped with an on- 
ard communications terminal with both satellite and 

wireless LAN links. At a delivery site, the driver uses a 

off items on an electronic 


ta McLane 


code scanner to check 


manites na digital signature. A 


a. 


The driver uses a 
handheld device 
to obtain digital 
signatures. 


The McLane built 
around an onboard communi- 
cations terminal and a rugged 
Symbol _ handheld 
running Palm OS, will provide 
the company with a paperless 


system, 


computer 


process that manages all invoic- 


terminai, the 


t 
diagnostics on the truck 


Linked to satellite 
and wireless LAN 


day's deliveries into the terminal’ 
the information into back-end systems. McLane uses a satellite 
link to send driver dispatch orders 


and also to perform remote 


ing and delivery transactions, 
including capturing electronic 
signatures for proof of delivery, 
Dillon The will 
manage dispatch opera- 
automate driver logs and 
give McLane the ability to per- 


said. system 
also 


tions, 


wireless LAN connection dumps records from the 


s wireless LAN, which then feeds 


A truck link to 

a satellite pro- 

vides on-road 

remote diagnostics and short 
messaging services to the driver. 


Q' communications/computer 
O termina pumps records of 
deliveries into a wireless LAN. 


Ricochet Wireless Faster Than Advertised 


ised 128K bit/sec. data rate. 


But availability is 
limited, say users 


BY BOB BREWIN 
In an era of endless techno- 
hype, the high-speed Ricochet 
mobile wireless service from 
Metricom Inc. stands out 
delivering more than it prom- 
But 
those same users are frustrated 
because its availability is limit- 
ed to only 15 U.S. markets. 

San Metricom 


for 


ises, according to users. 


Jose-based 


promises a connection speed of 


128K bit/sec. in all but two of its 
markets — Seattle and metro- 
politan Washington, the com- 
pany’s original service areas. 
Those two markets, offering 
28.8K bit/sec., have upgrades 
planned, but those have yet to 
be scheduled. 

However, users in the other 
areas told Computerworld last 
week that they routinely con- 
nect at about twice the prom- 


Ed Lynch, assistant vice 
president for network tele- 
communications and desktop 
services at Credit Lyonnais Se- 
curities USA Inc. in New York, 
said average connection speeds 
in the center of the city run at 
460K 
tend to drop off in the outer 


bit/sec., though speeds 
boroughs. 

Credit Lyonnais has pur- 
chased 50 Ricochet modems 
for its IT staff, which uses the 
service to connect to the com- 
pany’s virtual private network 
(VPN) while the 
Lynch said he isn’t concerned 
about the security implications 
associated with a wireless con- 
nection to the company’s sys- 
tems. Using a VPN means “this 
is a fully encrypted service,” he 
said. “Someone would have to 
go to a lot of time and expense 
to capture this [data].” 

Lynch said he has only two 
complaints about the service: 
its limited geographical reach 


on road. 


and its cost. He said he consid- 
ers the small national! footprint 
of the service a serious limita- 
tion that inhibits rollout to oth- 
er parts of the bank, and he 
calls the fee of $59 per month, 
per user “a little high.” Credit 
Lyonnais receives a volume 
discount from what is actually 
individual 
for unlimited 


a $79-per-month 
subscriber fee 
airtime. 

Alan Foster, vice president 
for government and communi- 
ty affairs at Sanyo North Amer- 
ica Corp. in San Diego, said he 
routinely connects to Ricochet 
at anywhere from 248K to 
260K bit/sec. from his office 
close to the Mexican border, as 
well as from his home in 


Scripps Ranch in the north of 


| the vast county of San Diego. 


He said his connection speed 
has peaked at 460K bit/sec. 
“This is better than DSL,” he 
said, referring to the Digital 
Subscriber Line service avail- 
able from phone companies. 


| 
| 
| 
| 
| 


Information from the 
wireless LAN is fed 
into back-end systems. 


Foster said he has evaluated 
Ricochet for companywide de- 
ployment, but he noted that it’s 
difficult to push the service be- 
cause of its lack of a nation- 
wide infrastructure. Like Lynch, 
Foster said he finds the month- 
ly fee rather steep. 

Roger Hodge, owner of 
Hodge Printing Co. in Dallas, 
said he considers the Ricochet 
service a bargain, since he uses 
it in fixed mode in lieu of a DSI 
line, which he estimated would 
cost him about $150 per month. 


Fast but Pricey 


Ricochet offers the following: 

= Service for $79 per month for unlim- 
ited airtime and volume discounts to 
$59 per month for enterprises with 
more than 20 accounts 


& wAn external USB modem for $99; 
an internal PCMCIA modem for$299 


. = 128K bit/sec. service in Atlanta, Bal- 
timore, Dallas/Fort Worth, Denver, De- 
troit, Houston, Los Angeles, Minneapo- 
lis/St. Paul, New York, Philadelphia, 
Phoenix, San Diego and San Francis- 
co; 28.8K bit/sec. service in Seattle 
and Washington 
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form remote diagnostics on the 
vehicles via satellite. 

Drivers will use the Symbol 
handheld to 
information 


record 
with a 


delivery 
bar-code 
scanner and to capture elec- 
tronic signatures using Track & 
Trace point-of-delivery 
ware from IBM. When the dri- 
ver returns to one of the 17 
McLane terminals Symbol has 
equipped with a wireless LAN 
the 
communications system senses 
the 11M bit/sec. wireless LAN 
and automatically starts dump- 
ing data that has been stored 
throughout the day, Dillon said 

Bob Egan, an analyst at Gart- 
ner Inc. in Stamford, Conn., 
said the use of satellite-based 


soft- 


infrastructure, onboard 


is well- 
trucking 


information systems 
established in the 
industry. 

“[But] what’s emerging in a 
big way is the use of multiple 
wireless techniques to address 

business require- 
Egan “We will 
continue to see wireless LAN 
adoption explode in many sec- 
tors of the [transportation] 
market, because unlike wide- 
area terrestrial and 
satellites, wireless LANs can 
deliver higher speed and sup- 


specific 


ments,” said. 


wireless 


port greater capacity demands 
where needed.” D 

Hodge said he gets average 
connection speeds of 225K bit 
He said he finds Metri- 
com’s approach refreshing 
compared with that of cell 
phone which 


sec. 


carriers, have 
hyped next-generation service 
at speeds of 144K bit/sec. but 
say average speeds will be in 
the SOK to 70K bit/sec. range. 

Metricom “underpromises 
and overdelivers,” Hodge said, 
“while the cell companies 
doing the opposite.” 

John Cornwell, vice president 
of business development at 
Metricom, said that while the 
company is well aware that its 
customers routinely experience 
higher speeds, it plans to stick 
with promoting and guarantee- 
ing the 128K bit/sec. speed. 

Cornwell said not only can 
Metricom deliver 128K bit/sec. 
today, but it can also continue 
to do so in the future as it adds 
customers and increases the 
load on the network. 

According to Metricom, 
that’s because it uses a patent- 
ed “mesh” network architec- 
ture that preserves throughput 
when users are added. D 


are 





a | 
wa Ph ‘pee 


ed 


rd 
a ee" ee” ee ad 


Te a alae aa 


Ly 


4 


ee Yee - “ 


A, the power of e-business. It has redefined 
geography and enabled new relationships with an 
entirely new cost structure. And now, the second 
wave is here. To get ahead, you have to tap into 
brand new marketplaces 

Cap Gemini Ernst & Young can take your 


e-business farther. We will help you compete on a 


MANAGEMENT CONSULTING - 


| 


— 


at 


variety of new frontiers, such as digital marketplaces, 
extended enterprises and peer-to-peer applications 
if your company is not there, where exactly is it? 

As one of the top global management and IT 


firms, we are the world leader in developing and 


TAY 
ERNST & YOUNG 


SYSTEMS TRANSFORMATION 


, a 
: Citic” 


a | 


implementing digital marketplaces for leading sectors, 
such as automotive, energy, fi 
and life sciences. In fact, Gartner, a top research and 
advisory firm, lis p Gemini Ernst & Ye Ss a leader 
in IT strategy, planning and architecture services* 

The opportunities to create are out there, but 
are you listening to the right ones? 


www.cgey.com 





Dell Recalls Batteries 


The U.S. Consumer Product Safety 
Commission said Dell Computer 
Corp. is voluntarily recalling 
284,000 batteries used in its 
Inspiron line of laptop computers 
because they can overcharge, 
become very hot, release smoke 
and possibly catch fire. Dell said it 
has received one report of a battery 
that overcharged, resulting in minor 
property damage but no injuries. 
The batteries covered by the recall 
are used in Dell Inspiron 5000 and 
5000e notebook computers. 


Starbucks on the LAN 


Seattle-based Starbucks Coffee Co. 
last week said it has selected Com- 
paq Computer Corp. as the main 
hardware supplier for its project to 
deliver high-speed wireless LAN 
access to store customers. Under a 
five-year agreement, Compaq will 
provide iPag handheld computers 
that Starbucks customers will be 
able to use by early next year to 
access broadband content and 
services from more than 70% of 
the company’s stores worldwide. 


E-Retailers Struggling 


A survey of 550 North American 
retailers doing business on the Web 
shows that companies with estab- 
lished mail-order catalog businesses 
are virtually the only ones making 
profits online. The least successful 
online retailers are those that have a 
Web-only presence, said Peter 
Stranger, a vice president at The 
Boston Consulting Group Inc. (BCG). 
BCG released the latest quarterly 
survey last week with Washington- 
based Shop.org, an association of 
online retailers. 


Air Force Blasts Patch 


Two researchers at the U.S. Air 
Force Academy Computer Science 
Department have published a paper 
criticizing security measures imple- 
mented in a patch for Microsoft's 
Outiook 2000 e-mail client. The pa- 
per, “Reinforcing Dialog-based Se- 
curity,” is slated to be presented at 
a conference at West Point next 
month. It claims that the patch 
issued in the aftermath of the 

“| Love You” virus attack last year 
doesn’t adequately protect users. 
Microsoft has disputed the claim. 
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IP Telephony to ‘lake Center 
Stage at Networld+Interop 


Cisco and Nortel among vendors to show 
latest technology to users and prospects 


BY JAMES COPE 
S NETWORK equip- 
ment buyers and 
vendors gather 
this week at the 
Networld+Interop 
(N+I) conference, both camps 
will have a special type of con- 
vergence on their minds: send- 
ing voice and data as IP pack- 
ets over a single network. 
Networking juggernauts Cis- 
co Systems Inc. and Brampton, 
Ontario-based Nortel Net- 
works Corp. are targeting cor- 
porate users with the products 
they will put on display at the 
Las Vegas event. Meanwhile, 
competitor 3Com Corp. in San- 
ta Clara, Calif., has already suc- 
cessfully bagged many small 
and midsize operations with of- 
ferings it will tout at the show. 
IP telephone technology will 
also be in the minds of show- 
goers representing organiza- 
tions that have already rolled 
such systems, including 
such prominent companies as 
Merrill Lynch & Co., Datek On- 
line Brokerage Services LLC, 
and The Dow Chemical Co., as 
well as educational institutions 
such as the University of Ar- 
kansas at Pine Bluff and Lake- 
head University in Thunder 
Bay, Ontario. 


out 


Jumping the Gun 

Cisco couldn’t wait for N+ 
to release new product infor- 
mation last week an- 
nounced a system that would 
put a subset of its Call Manag- 
er software on its routers or 
switches at branch offices, 
eliminating the need for a Call 
Manager server at each site. 

Capt. Chris DiNofrio, a U.S. 
Marine Corps data systems of- 
ficer in New Orleans, said the 
Cisco feature could save some 
serious money. He’s rolling out 
a Cisco IP phone system that 
will connect 180 Marine Corps 
Reserve centers the 
country. “I don’t want to put a 
[Cisco Call Manager] server 
that costs $15,000 at each site,” 
DiNofrio said. 


and 


across 


Nortel officials were mum 
the IP telephony an 
they plan to 
make at N+I. But in response to 
Cisco’s announcement, a Nor- 
tel spokesman countered that 


about 
nouncements 


the voice-over-IP features Cis- 
co is introducing, such as uni- 
fied 


messaging, are already 


built into Nortel’s existing IP 
telephone system. 

Larry Hettick, vice president 
of consulting at Telechoice 
Inc. in Tulsa, Okla., said, “Nor- 
tel has IP-enabled their exist- 
ing PBX [private branch ex- 
change] system.” He noted that 
corporate users that already 
have a Nortel PBX may find 
this a good way to implement 
an IP phone system. 

Lakehead University is in- 
stalling a Nortel IP phone sys- 


itigroup Extends Payment 
System to MSN Customers 


BY LUCAS MEARIAN 
Citigroup Inc. signed a deal 
last week to provide its person- 
to-person payment 
dubbed c2it, to subscribers of 
Microsoft Corp.’s MSN Inter- 
net service. But analysts say 
such ventures rarely turn a 
profit and aren’t garnering a 
critical mass of users. 

Citigroup’s agreement with 
Microsoft will open the pay- 
ment service to MSN users, al- 
lowing them to send and re- 
ceive cash via e-mail. 

The New York-based finan- 
cial services provider said the 
agreement with Microsoft is 
part ofa Strategy to reach new 
audiences through “target- 
focused partnerships” with on- 
line brand-name companies. 

In October, Citigroup agreed 
to offer its online-payment sys- 
tem to America Online Inc.’s 
26 million subscribers. 

The person-to-person pay- 
ment system via an 
e-mail service that allows users 
to send messages instructing 
banks to transfer money from 
their accounts, such as a credit 
card or debit card account, to 
another person’s or institu- 
tion’s account. Recipients of 
the are notified 
e-mail that money is waiting 
for them, and they can obtain it 
through an electronic account 


system, 


works 


money via 


| ora paper check. 


Citigroup announced that 
it’s doing away with a fee of $2 


elec- 
The 
service is free of charge for the 
first three months in which a 
member is signed up; there- 


per transaction for its 


tronic-payment service. 


after, there is a minimum fee of 


50 cents per transaction, up to 
a maximum of 2.2% of the 
amount of the transaction. The 


fee depends on the type of 


transaction — whether it’s a 
transfer from a savings ac- 
count, a transfer from a check- 
ing account or a credit card 
payment, for example — and 
on the type of credit card used. 

Ken Kerr, a payment systems 
analyst at Gartner Inc. in Stam- 
ford, Conn., said the introduc- 
tion of the service on MSN is 
insignificant to the market- 
place because e-mail payment 
systems have yet to gain mass 
popularity or return profits. 
But Citigroup’s lower pricing, 


ee 
More Coming 


Other upcoming enhancements 
of Citigroup’s online payment 
system include the following: 

m The ability for U.S. residents to send 
money from their desktops to recipients 

in 30 countries, scheduled for mid-May 


@ An account-based card, scheduled for 
the third quarter 


@ Expanded international use of the 
service, planned for the end of the year 


A line of credit linked to the account- 
based card, also planned for year's end 


tem. The university’s presi- 
dent, Fred Gilbert, said, “Using 
the existing Category 5 Ether- 
net cable to send voice as data 
is a very cost-efficient way [to 
deploy a phone system ] for this 
campus.” 

Rolando Garcia, chief net- 
work architect at Datek On- 
line, said his company installed 
350 Cisco IP phones a little 
more than two months ago and 
plans to install another 1,000 
IP phones by the end of June. B 


he said, is strategically smart 
because it shows that the fi- 
nancial services firm recog- 
nizes that the value in online 
payment systems lies in its 
“sticky factor,” or the ability to 
keep customers around by of- 
fering added services. 

“There just isn’t a lot of 
money to be made in parents 
sending money to kids at 
school,” Kerr said. “I think it’s 
an attempt to create a live 
transaction mechanism, with 
some realistic hope that some- 
one will use it.” 

Chris Jolley, director of mar- 
keting for MoneyCentral, the 
MSN Web page on which the 
c2it service is located, said the 
service will bring Microsoft 
additional advertising from 
“very targeted placement and 
sponsorship.” 

Jolley also disagreed with 
analysts’ predictions of slow 
adoption, noting that online 
payment technology is still in 
its infancy. “We believe 
there is incredible potential for 
it in the everyday financial ac- 
tivity arena,” he said. 

Other electronic services in- 
clude Palo Alto, Calif.-based 
X.com Corp.'s PayPal, a service 
that’s popular with online auc- 
tion users and small 
businesses, and Columbus, 
Ohio-based Bank One Corp.’s 
eMoneyMail. 

Wells Fargo & Co. and eBay 
Inc. recently announced a sim- 
ilar agreement to offer Bill- 
point Inc.’s payment service. D 


MOREONLINE 


For Computerworld’s complete financial 
coverage, go to: 
www.computerworld.com/finance 


online 
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Antitrust Nominee Shows 
Poker Face on Microsoft Case 


Says high-tech antitrust ‘one of the top 
priorities’ but avoids discussion of case 


BY PATRICK THIBODEAU 
HE PERSON who's 
expected to be- 
come the head of 
the U.S. Justice 
Department's anti- 
trust division, attorney Charles 
James, said at his confirmation 
hearing last week that the 
high-tech industry should be 
as competitive as other 
and that the role of antitrust 
law is to ensure such compe- 
tition. 

Speaking before the Senate 
Judiciary James 
gave no indication of whether 
the Bush administration would 
shift course on the Microsoft 


any 


Committee, 


lawsuit, arguably one of the 
most important antitrust cases 
of the past 100 years. 

In the U.S. District 
Court Judge Thomas Penfield 
Jackson sided with the Justice 
Department and the states and 
ruled that Microsoft Corp. had 


case, 


engaged in anticompetitive 
business practices and abused 


its monopoly power in the 
desktop operating systems mar- 
ket. Microsoft appealed the 
ruling to the U.S. Court of Ap- 
The 
could come at any time. 


peals. court’s decision 

Once the appeals court rules 
on Microsoft, the Bush admin- 
istration will have to decide its 
next course of action: seek a 
new round of settlement talks 
or continue the legal battle to 
the U.S. Supreme Court. 

The only insight James of- 


fered on the future of Micro- 
anti- 
trust cases was that the depart- 
ment will “look as closely as 


possible to preserving victo- 


soft and other pending 


ries and rectifying defeats.” 
James was an antitrust official 
in the Justice Department dur- 
ing the administration of the 


elder George Bush. 


Committee Chairman Orrin 
G. Hatch (R-Utah), who has 
repeatedly expressed concern 
about Microsoft's power, didn’t 
ask James about the Microsoft 
case directly. 

“Do think monopoly 
power is more likely to occur 
in high-tech industries than in 


you 


other industries? If so, what are 
the implications of your con- 
clusion for antitrust enforce- 
ment?” Hatch asked. 

In response, James said that 
the issue was “one of the top 
priorities” for the antitrust di- 
vision. The company that’s 
first to market with a product 
“may have a prevailing market 
position for some period of 
time,” James said, and the Jus- 
tice Department didn’t want to 
“discourage” innovation. 

The rapid pace of change has 
to be considered in evaluating 
high-tech industries, he said. 
“However, I think that these in- 
dustries need to be competi- 


FIC Official Faults Corporate Privacy Policies 


But businesses say feds are partly to blame 


BY PATRICK THIBODEAU 


Many corporate privacy poli- 
cies are too hard to find, too 
long and too confusing, ac- 
cording to U.S. Federal Trade 


Users Anticipate Integrated 


Lawson/Siebel 


BY MARC L. SONGINI 
Lawson Software 
Insight 8.02, 


tion of e-business and process- 


will unveil 


its next genera- 
improvement applications, at 
its annual user conference in 
Anaheim, Calif., today. The St. 
Paul, Minn.-based company 
says the software will 
automate industry 
e-business processes 

Users will most likely be ea- 
ger to learn about the integra- 
tion of San Mateo, Calif.-based 
Siebel Systems Inc.’s customer 
relationship management ap- 
plications with Lawson's enter- 


new 
service 


prise resource planning suite 
and whether they will need ex- 
pensive middleware “to glue 
them together,” said Catherine 


Applications 


Jones, an analyst at Aberdeen 
Group Inc. in Boston. The com- 
panies announced their inte- 
gration deal last year. 

In the slowing economy, 
users will also be interested in 
the business analysis functions | 
Lawson has been adding to its 
software to help companies 
optimize processes, she said. 

Dennis Miller, CIO at Mem- 
orial Healthcare System, a 
public hospital in Hollywood, 
Fla., said he wants to learn 
more about the migration path 
from the Lawson.insight 7 
Series to the Lawson.insight 8 
Series. The application suite 
is Web-enabled and doesn’t 


ware.D 


| 
es 
require special desktop soft- | 


Commissioner Sheila Anthony, 
who said she believes compa- 
nies need to standardize their 
policies in much the same way 
that food companies use nutri- 
tion labels that make it easy for 
consumers to count calories. 

“In short, many privacy poli- 
cies are beginning to look like 
complex legal documents that 
do not give consumers real 
choice,” said Anthony. 

Among the trends Anthony 
cited at the first annual Privacy 
and Data Protection Summit 
was a tendency among some 


| companies to establish privacy 


policies that grant them 


| sweeping rights to sell and 


transfer customer data. 
But some corporate officials 
at the Privacy Officers Asso- 


| ciation-sponsored conference 


here said the federal govern- 
ment should shoulder at least 
some of the blame for complex 
privacy polices. Executives at 
financial services firms, for in- 


| stance, say that to comply with 
| the privacy provision of the 


| Gramm-Leach-Bliley Act, the 


financial modernization law ap- 
proved in 1999 and taking effect 
July 1, company privacy policies 
must include legal language 
from that act as well as from 


state laws affecting privacy. 

Citigroup Inc. in New York 
has addressed that problem by 
creating two versions of the 
privacy policy it sends to con- 
sumers. One version is struc- 
tured to meet the requirements 
of the law, but a second version 
outlines the company’s privacy 
policy in 10 concise points. 
Customers tend to prefer the 
latter Stephen 
Durkee, 
implementation officer. 

The feedback Citigroup has 
received from 
that “this sounds like it really 
came from you, and not from 
your lawyers,” Durkee said. 

Harriet Pearson, IBM’s chief 


version, said 


Citigroup’s privacy 


customers is 


Upcoming Hurdles 


>The Gramm-Leach- 
Bliley Act takes effect 
July 1. Financial institutions 
must provide annual pri- 
vacy notices and give cus- 
tomers the right to opt out 
of sharing information with 
nonaffiliated third parties. 


>The European Union 


may begin enforcing its data 
privacy protection laws July 


1. It’s been holding off to give | | 


U.S. companies a chance to 
sign up for safe harbor pro- 
tection. Fewer than 50 U.S. 
firms have done so. 
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tive just like other industries, 
so there is a continuing role for 
antitrust,” he added. 

Sen. Patrick Leahy (D-Vt.) 
questioned whether James, who 
has represented clients against 
government antitrust enforce- 
ment actions, will be able to 
do a “180-degree turn now and 
enforce anti 
trust laws.” 

James said 
that he plans 
to avoid “eth- 
ical complica- 
tions” or the 
appearance of 
such, adding 
that he will 
do whatever 
the Justice 
Department’s 
ethics staff 
tells him to do, “without ques- 
tion.” James is a partner in the 
Washington office of Jones, 
Day, Reavis & Pogue. D 


JAMES: The division 
will work at “pre- 
serving victories and 
rectifying defeats.” 


privacy officer, agreed with 
Anthony. “We need to work to- 
ward making [privacy policies] 
simpler,” she said, but added 
that it’s an evolving process. 
Just a few years many 
companies lacked privacy poli- 
cies, she said, pointing to in- 
dustry initiatives to improve 
upon those policies. 

There are limits to what the 
Federal Trade 
(FTC) can do to make compa- 
nies improve, said Anthony. “I 
believe the lack of comprehen- 
sive federal privacy legislation 
privacy 
has created a schizophrenic 
environment that is bound to 
get worse,” she added. 

More than 450 privacy-relat- 
ed bills have been introduced 
in state legislatures within the 
past few years. That raises the 
possibility that businesses will 
have to comply with a patch- 
work of laws, which would be 
an “untenable situation,” said 
Anthony. Moreover, it’s ex- 
pected that the European 
Union will begin enforcing its 
data protection laws next sum- 
mer, giving European residents 
greater privacy protection than 
U.S. citizens have, she said. 

Congress is considering 
nearly 50 privacy bills, but it 
appears unlikely that any pri- 
vacy legislation will be passed 
this year. “It may well take a 
push from the administration 
to get something out,” said Joel 
Winston, an acting associate 
director at the FTC.D 


ago, 


Commission 


to protect consumer 
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BRIEFS 


Microsoft Snaps Up 
NCompass Labs 


In a move aimed at furthering its 
-Net Internet initiative, Microsoft 
Corp. last week said it has agreed to 
acquire NCompass Labs Inc., which 
makes software for creating and 
managing Web content. Terms of the 
deal weren't disclosed. Microsoft 
will rebrand San Jose-based NCom- 
pass’ Resolution 4.0 as Microsoft 
Content Management Server 2000, 
with release scheduled for late in the 
third quarter or early in the fourth. 
Customers who buy the product in 
the interim will continue to receive 
support and product upgrades from 
Microsoft, the company said. 


FBI: Lucent Scientists 
Sold Secrets to China 


The FBI last week charged two Chi- 
nese nationals who were working at 
Lucent Technologies Inc. and a third 
man with stealing source code and 
software and giving the trade se- 
crets to a Chinese state-owned 
company in an effort to develop the 
“Cisco of China.” A Lucent spokes- 
woman declined to provide specifics 
of what was stolen or its value. The 
Murray Hill, N.J.-based company 
has a comprehensive system to pro- 
tect its intellectual property, and 
that system worked, she said. 


Short Takes 


Software vendor TURBOLINUX INC 
in Brisbane, Calif., and technical 
services firm LINUXCARE INC. in 
San Francisco have called off a 
planned merger because of the soft- 
ening economy and “various finan- 
cial aspects . . . that couldn’t be 
agreed upon,” according to Linux- 
care CEO Arthur Tyde Ill. . . ABBEY 
NATIONAL PLC, a London-based 
provider of retail mortgages and 
personal loans, signed a $390 mil- 
lion, 10-year services agreement 
with ELECTRONIC DATA SYSTEMS 
CORP. in Plano, Texas. EDS will 
provide IT operations management 
and develop new IT platforms for a 
joint venture owned by both compa- 
nies. . . . In response to a petition by 
Seattle-based supercomputer mak- 
er CRAY INC., the U.S. DEPART- 
MENT OF COMMERCE has revoked 
the antidumping tariffs on certain 
vector supercomputers from Japan 
that have been in place since 1997. 


Beware of P 


NEWS 


redatory 


HIPAA Consultants 


As health care regs loom, self-proclaimed 
experts peddle questionable services 


BY JULEKHA DASH 


S THE health care 
industry prepares 
for complex reg- 
ulations that will 
affect most of its 

systems and business process 

es, IT managers advise taking 
cautious steps to avoid being 
exploited by consultants 

The Health Insurance Porta 
bility and Accountability Act 

(HIPAA) presents a lucrative 

opportunity for so-called ex- 

perts, since noncompliance by 
health care officials can result 
in stiff fines and even jail time 

The regulations define stan 

electronic 


dards for transac- 


tions, as well as measures for 


protecting the security and 
privacy of patient information 
(see related article, page 44). 

In addition, certain aspects 
of HIPAA 


making it easy for health care 


remain unclear, 
providers to sign up for ser- 
vices they might not need. 

In a week, Ronald 
Margolis, CIO at the Universi- 


given 


ty of New Mexico Hospitals, 
receives 15 to 50 phone calls 
from HIPAA consultants. With 
the exception of consultants 
who work for its health infor 
mation systems vendors, the 
Albuquerque-based hospital 
chain hasn’t used any consul 
tants because it’s still too early, 
Margolis said. 

Some consultants have tried 
clever marketing tricks, such 
as asking Margolis to partici- 
pate in surveys that they use 
to gauge the kind of services 
his organization will need. In 
other instances, companies 
are giving away gadgets such 
as PalmPilots to people who 
respond to mailings that are 
really “leads to a sales call,” 
Margolis said. 

Indeed, HIPAA has “certain- 
ly got [consultants] in a feed- 
ing frenzy,” said Greg Walton, 
vice president and CIO at Car- 
ilion Health System in Roa- 
noke, Va. “It’s really the oblig- 
ation of the buyer to figure out 
what they want from a consul- 
tant, [or] the consultant is go- 


ing to run all over them.” 
Carilion is “40% done with 

HIPAA,” so Walton 

anticipate using any consul- 


doesn’t 


tants himself. But he cautions 
against working with consul 
tants who don’t have experi- 
ence in health care, because 
you may have to spend a lot of 
time explaining the context to 
them. 

In fact, clients should make 
sure that a consultant has ex 
perience with their specific 
type of health care organiza 
tion, whether it’s an insurance 
company, a hospital or a clinic, 
said Mike 
vice president and chief finan 
cial officer at the Rx2000 In- 
Minneapolis-based 

that 
firms 


rhorsen, executive 


stitute, a 
nonprofit organization 
health 


about business and technology 


educates care 
issues. 
For instance, a consultant 


who has primarily worked 


with insurers wouldn't be well 


Continued from page 1 


Telecommuting 


For instance, if an employee 
telecommuting 
son walked into the room and 


was and _ his 
saw confidential patient infor 
mation, that would violate the 
privacy rule. 

Health 


also need to consider whether 


care organizations 
telecommuters are download- 
ing patient information from 
the network and storing it on 
their home computer hard 
drives, said James Harvey, an at- 
torney at Alston & Bird LLP in 
Atlanta who specializes in pri- 
vacy issues. If so, organizations 
need to extend security rules to 
home computers, he said. 

“It’s much easier to address 
security issues in a centralized 
mainframe environment than 
on a distributed basis,” he said. 

HIPAA includes measures 
for both the security and priva- 
cy of patient information. 
Penalties for breaches include 


suited for a clinic or hospital, 
because the environments are 
completely different, he said. 
“HIPAA is much more com- 
prehensive than Y2k,” 
Thorsen. With Y2k, “a lot of 
people were able to get away 


said 


with just fixing IT,” he said. 
With HIPAA, 70% of the work 
will require adjustment of poli- 


cies and procedures, he ex 


Assess Your Needs 


Some tips for managing 

relationships with HIPAA 

consultants: 

»>Perform a “gap analysis” 
to identify organizational 
needs. 


> Avoid open-ended 
engagements. 


>» Make sure you under- 
stand your legal obliga- 
tions before hiring a 
consultant. 


» Choose a consultant who 
has worked in health care 
for an organization similar 
to yours. 


severe fines and possible jail 
time. To avoid these conse- 
quences, many health care or- 
ganizations said they will ramp 
up security measures to pro- 
tect applications on home de- 
vices, such as using virtual pri- 
vate networks, encryption or 
public-key infrastructure 

To comply with the final 
HIPAA security rules, health 
care managers will have to au- 
thenticate who is accessing the 
data, said Patrick Grotton, CIO 
at Mercy Hospital in Portland, 
Maine. 

Grotton said he’s consider- 
ing using a biometric device, 
such as an eye or fingerprint 
scanner, combined with vari- 
ous layers of password protec- 
tion to ensure that unautho- 
rized individuals can’t access 
patient information. 

But to a large extent, privacy 
measures will involve educat- 
ing and training telecom- 
muters and enforcing policies. 
Some health care IT managers 
said telecommuters who work 
in a home office rather than at 
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plained. That includes things 
such as hiring a chief privacy 
and 
pline for staff who violate pa- 


officer enforcing disci- 
tient privacy rules. 
In addition, should 


consult an attorney prior to 


users 


hiring a consultant, said Thor- 
sen. There are instances where 
“state regulations may super- 
cede HIPAA,” he said. 

Health care executives ought 
to assess their organization’s 
needs by performing a “gap 
analysis,” which is a study that 
compares a firm’s current 
HIPAA readiness against what’s 
with the 
Joyce Sens- 


needed to comply 
new rules, said 
meier, director of professional 
services at the Healthcare In- 
formation and Management 
Systems Society in Chicago. 
Otherwise, “it’s too easy for 
consultants to make the proj- 
ect bigger than it needs to be,” 
she said. 

By carefully defining an or- 
ganization’s needs, managers 
can avoid cost overruns and 
open-ended engagements, said 
Scott Cebula, vice president of 
information systems at Memo- 
rialCare in Long Beach, Calif. 
Memorial Care is creating an 
plan to prepare for 
HIPAA and is awaiting further 
from the federal 
before it retains 


action 


guidelines 
government 
any consultants, he said. D 


a computer set up in the living 
room or bedroom are less like- 
ly to invite prying eyes. 

Employees at Cook County 
Hospital in Chicago, including 
systems employees who access 
information from home, must 
sign a patient confidentiality 
agreement prior to employ- 
ment, said Soloman Appavu, 
director of systems planning. 
But in order to comply with 
HIPAA, the hospital will also 
implement strict disciplinary 
procedures for any confiden- 
tiality breaches, he said. 

To a certain extent, however, 
hospitals may have difficulty 
ensuring that telecommuters 
are keeping data private, said 
Appavu. 

“If the person is not honest, 
then you're taking a risk,” he 
said. It may be “beyond that 
person’s control to secure a 
device.” D 


MOREONLINE 


For Computerworld’s coverage of privacy, 
visit our Web site 
www.computerworld.com/privacy 
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NEWS 


Microsoft Again Takes Aim at Open Source 


Claims efforts could 
lead to ‘instability’ 


BY TODD R. WEISS 
Microsoft Corp. last week re 


newed its offensive against 
open-source software develop 
ment, a move that the software 
vendor said was made in re 
sponse to repeated queries 

about 


the 


from corporate users 


it’s responding to 

open-source movement 
The latest against 

open-source the 


third by Microsoft since Janu- 


salvo 
efforts 
ary — came during a speech in 
New York by Craig Mundie, 
the 
president of advanced strate- 
gies. Speaking at New York 
University’s Stern School of 


company’s senior vice 


Business, Mundie claimed that 
the 
could result in * 
bility” 


open-source movement 
product insta- 
and “inherent security 
risks” for software users 
Open-source development 
“leads to a strong possibility of 
unhealthy ‘forking’ of a code 


base,” potentially producing 
incompatible versions of pro- 
grams, Mundie said. More dis- 
ruptive, he added, is the GNU 
general public license (GPL) 


under which much open 


source software is created 


Continued from page 1 


Net Plans 


My first take is to wait for 
them to figure it out.” 

At the Gartner show, Allchin 
tried to clarify the .Net mes- 


be 


sage by boiling it down to the 
following five points: 

w A new programming model 
that’s “loosely coupled, XML- 
based, message-oriented” for 
developers to use in a hetero- 
geneous environment, inte- 
grated for the Internet. 

@ Meta-Internet services, such 
Microsoft's Passport, an 
identification service that con- 
sumers can opt into to person- 
alize their Web experience. 

w Tools such as Visual Studio.- 
Net to create new Web ser- 
vices with XML. 

w “Great clients and servers” 
that are equipped to parse and 
process XML and handle mes- 


as 


alters 
the 


also 


When a 
software 
GPL, the 


deemed subject to the license, 


developer 
covered under 


new code is 
meaning that it’s not owned by 
The 


argued, is 


any individual company. 
problem, Mundie 
that the GPL does away with 
intellectual 


property rights, 


making open-source develop- 
ment an unhealthy business 
model. 

Open-source approaches 
“ask software developers to 
give away for free the very 
thing they that 
greatest value, in the hope that 
somehow they'll make money 


create is of 


selling else,” 
Mundie said. 

Mundie couldn’t be reached 
for comment about his speech. 
But David Coburn, a program 
manager in Microsoft's plat- 
forms group, said Mundie’s re- 
marks 


something 


were a to 
questions from customers who 
know the 


position 


response 


want to software 


vendor’s on open- 


source programming. 
Some of the 


parts open- 


Microsoft Takes On 
‘Naked’ PC Orders 


Prizes for PC makers 


BY DOUGLAS F. GRAY 

ICROSOFT CORP. 
has sparked a 
new controver- 
sy by sending a 
letter 


makers offering them re- 


to some 
PC 
wards in return for identifying 
corporate users who ask that 
computers be shipped “naked,” 
without Windows installed. 
Users who have made such 
requests may have “misunder- 
stood” their Windows licens- 
ing agreements, Microsoft said 


in the letter, which was issued 


sages sent using the Simple 
Object Access Protocol. 

w Web services to which devel- 
For in- 
stance, a developer might want 
to link a flight-booking applica- 
tion on one site to a car-book- 


opers can program. 


ing application on another. 
“What Jim said added a little 
more detail and more pieces of 
the puzzle for people to figure 
out,” said analyst David Smith 
at Gartner in Stamford, Conn. 
But Allchin didn’t clear up the 
confusion, he added. “.Net is a 
huge thing, and they haven't 
done a very good job of de- 
scribing it thus far,” Smith said. 
He said one miscue was Mi- 
crosoft branding its enterprise 


servers with the et” mon- 
iker, even though the “.Net en- 
terprise servers have nothing 
to do with software as a service 
or Web services.” 
No matter how confusing 
| the message, one .Net element 
| that’s expected to affect most 


who report requests 


in late April to thousands of 
companies that assemble PCs 
to sell directly to businesses. 
The system builders were of 
fered prizes such as software, 
watches and cooking grills if 
they identified customers seek 
ing Windows-less machines. 
According to the letter, the 
rewards would depend on how 
many naked PCs were request- 
ed by an individual user. For 
example, an order for 250 com 
puters would be worth five Mi- 
crosoft games to the system 


4 


builder that notified the soft- 


large enterprises is the new de 
velopment tools. Gartner pre 
dicted that 
will equally leverage both .Net 
and Java platforms for e-busi- 
ness within five years. 

Yet .Net enter the 
realm of possibility for most 
companies until Microsoft's 
Visual Studio.Net tool ships 
later in the year. 

Not surprisingly, serious in- 


most companies 


won't 


terest in .Net applications has 
been limited so far, said Rajiv 
Tewari, director of business in- 
telligence solutions at Seattle- 
based Avanade Inc., an IT con- 
sulting company that is a joint 
venture of Microsoft. 

Tewari, who is planning his 
Net strategy, said 
he doesn’t expect to see proto- 
type .Net applications until the 
third or fourth quarter. He pre- 
dicted that interest will ramp 
up significantly by the end of 
next year. 

Tewari said one challenge 


company’s 


| 
| 
| 


ware vendor of the request. 
Turning in a user who is seek- 
ing more than 1,000 PCs would 
net a grill and a travel chair. 
Microsoft 

week said it wasn’t trying to 
single out companies that want 
to install Linux or other non 
systems. Microsoft 


spokesman Matt Pilla said the 


However, last 


Windows 
letter was aimed at stopping 


users who believe that they 
have a site license allowing 


them to install a single copy of 


Windows on multiple PCs. 

No such license exists, Pilla 
said. “There’s a lot of confu- 
around 


sion our 


he 


enterprise 
added. “In 


fact, we don’t offer any enter- 


agreements,” 


will be clearing up customer 
confusion the 
benefits that .Net can bring. “I 


over business 
can convince the technical ar- 
chitects, the developers, be- 
cause technologically, [.Net] is 
a superior platform,” he said, 
noting that the .Net framework 
will make applications easier 
to develop, deploy and main- 
tain. “However, the key factor 
is convincing the business folks.” 

Many firms are still assimi- 
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source world are seen positive- 
ly by Microsoft, Coburn said. 
Earlier this year, Microsoft ex- 
panded a program for sharing 
its Windows source code with 
users, although no changes can 
be made in the code. 

Al Gillen, an analyst at IDC 
in Framingham, Mass., said Mi- 
crosoft apparently feels that it 
remain 


users 


can no longer idle 


corporate 
open-source development. D 


while eye 


prise agreements that cover 
new computers. They cover 
upgrades but not new copies of 
the operating system.” 

Chris Le Tocq, an analyst at 
Guernsey Research in Los Al 
tos, Calif., said the team at Mi- 
that the letter 
“could certainly be deemed 
overenthusiastic [about] this 
program.” Microsoft also 
might have gotten ahead of it- 
self because it plans to address 


crosoft sent 


the situation with technology 
in its upcoming Windows XP 
and Office XP releases, he said. 
Both those products are due 
to include “forced registration 
technologies designed to com- 
bat this kind of activity” on the 
part of users, Le Tocq said. 
Even so, he added, it would 
help small businesses if Mi- 
crosoft were to make volume 
Windows licenses available. D 


Gray writes for the IDG News 
Service. 


lating Microsoft’s last develop- 
ment platform, Windows DNA, 
said Rick Grandy, manager of 
network applications and sys- 
at a Richland, Wash.- 
based division Lockheed 
Martin Corp. 

“It seems to me that .Net is 
trying to be both a develop- 
ment environment and the de- 
livery vehicle,” said Lionberg- 
er. “I expect it will change 
quite a bit.” 


tems 
of 


Microsoft Platform Evolution 


Microsoft's .Net is the latest in the company’s line of platforms: 


Stand- 


alone PC _—Client/server 


Internet Web services 
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NEWS 


U.S. Customs to 
Get IT Overhaul 


New infrastructure will 
replace legacy systems 


BY LUCAS MEARIAN 
HE U.S. CUSTOMS SERVICI 
said last week that it has 
awarded a 15-year, $1.3 bil- 
lion contract to upgrade its 
entire IT infrastructure, in- 
cluding software management systems, 
to a multi-industry team lead by IBM 
Global Services. 

The Customs Service said an explo- 
sion in international trade is forcing it 
to replace a 17-year-old automated sys- 
tem that has experienced chronic out- 
ages and often forced end users to re- 
sort to alternate methods of doing busi 
ness, such as using pens and paper. 

The first system to be addressed in 
the new IT infrastructure is called an 
Automated Commercial Environment, 
which will manage the federal agency’s 
import/export transactions and will 
bring the Customs Service in line with 
technology used in the private sector, 
according to Acting 
Charles W. Winwood. 

The selection of an integration con- 
tractor, Winwood said, is an important 


first step in providing U.S. Customs | 
“state-of-the-art technology es- | 
sential to expediting movement of com- | 
international | 
airport, trade zone and potential border | 


with 
merce,” through every 


crossing. “Customs modernization will 


also dramatically enhance our ability to 


intercept contraband,” he said. 

The contract will upgrade computer 
hardware and software related to com- 
mercial trade, 
ministration systems. 


Tom Burlin, vice president of federal | 


government industry at IBM Global 


Services, said the upgrades will run | 
“replac- 
ing outdated legacy systems with best | 


from desktops to mainframes, 


practice, off-the-shelf systems.” 

Burlin said the Customs Service 
wants to move to a more automated 
knowledge-based system and away 
from 
to catalog the serial number and coun- 
try of origin of all products coming 
through U.S. border checkpoints. 

“It’s a very complicated system 
Burlin said. “We're looking to use new 
commercially available products that 
have the ability to create intelligent sys- 


| tems to manage and automate databas- 


es and speed imports and exports while 
maintaining the control expected for 


| safety of trade and our citizens.” 


Commissioner |} 


law enforcement and ad- 


“laborious” keyboard entry used | 





The IBM-led team, called the e-Cus- 
toms Partnership, includes Lockheed 
Martin Mission Systems in Bethesda, 
Md., which will develop and integrate 
new systems and software; McLean, 
Va.-based KPMG Consulting Inc.; Com- 
puter Sciences Corp. 
in El Segundo, Calif., 
which will lead the 
information security 
and telecommunica- 
tions effort; and Mia- 
mi-based Sandler & 
Iravis Trade Adviso- 
ry Services _Inc., 
which will provide 
global trade and cus- 
toms expertise. More 
than 40 other firms 
will also be involved 
in the overhaul. 

The Customs Ser- 
also partnered 
with The Mitre Corp., 
a federally funded re- 
and develop- 


vice 


search 


Study: Firms 
Refocus Apps 
On Customers 


BY STACY COWLEY 
NEW YORK 
Businesses’ reasons for investing in 
data-management infrastructures are 
shifting from back-office, cost-reduc- 
tion objectives to customer-oriented, 
revenue-generating goals, according to 
a study conducted by the Silver Spring, 
Md.-based Association for Information 
and Image Management International 
(AIIM) and Gartner Inc 

The survey results, which were re- 
leased at last week’s AIIM 2001 confer- 
ence here, revealed that the fastest- 
growing niche of the enterprise appli- 
cations market is customer relationship 
management (CRM), which is current- 
ly showing 26% annual expansion. 

Gartner’s definition of the enterprise 
applications market also includes en- 
terprise resource planning (ERP), 
records management and archiving, ac- 
counts payable and receivable, and hu- 
man resources management. 

Totaling all five areas, Stamford, 
Conn.-based Gartner estimated that the 
market will grow from about $11 billion 
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ment center in Bedford, Mass., and 
Robbins-Gioia LLC, a program manage- 
ment consulting firm in Alexandria, Va. 
| Mitre will provide strategic planning 
support and independent technical 
evaluation, and Robbins-Gioia_ will 
head up program management support 
for the Customs Modernization Office. 

The project was mandated by the 
Customs Modernization and Informed 


| Compliance Act of 1993 and other acts 


that require improved business func- 
tions, paperwork reduction and in- 


| creased electronic processing. D 


THE CUSTOMS SERVICE wants to deploy a more automated 
system for cataloging products that come through U.S. border 
checkpoints like this one. 


last year to $22.5 billion in 2004. 
The study included responses from 


| approximately 1,000 enterprise applica- 


tions users in North America, Europe, 
Latin America and the Pacific Rim. Al- 
most half of the respondents work at 


| companies with more than 1,000 em- 
| ployees, and Gartner said the survey is 


more reflective of large organizations 
than of the business market as a whole. 
The survey found significant interest 


among corporate users in outsourcing 
enterprise applications to application 


service providers (ASP), although 
Gartner warned that the overall market 
outlook for ASPs has softened since the 
survey was conducted in December. 
The research firm also cautioned that 
companies may be reluctant to trust 
sensitive data to a relatively unsecured, 
third-party system. 

Companies of all sizes are showing 
significant demand for wireless ERP 
and CRM applications, Gartner said. 

Electronic document imaging tech- 
nologies are the most commonly used 
applications, with 58% of companies re- 
porting that they have installed such 
systems. More than 45% of respondents 
said they use collaborative tools such as 
Microsoft Exchange and Lotus Domino. 
Only one-third of those surveyed said 
they currently use content-manage- 
ment software, but 21% said they plan to 
use it soon. D 





Cowley writes for the IDG News Service. 
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CA Accounting Procedures Under Scrutiny 


Times article says 
CA skewed earnings 


BY MARC L. SONGINI 
Executives at Computer Asso 
ciates International Inc. 
week defended the company’s 


procedures, 


last 
new accounting 
even as the firm’s stock plum- 
meted after a negative article 
about the changes appeared in 
the press 

Last week, CA said its finan- 
cial methods, at- 
tacked in an April 29 article in 
The New York Times, are sound 


reporting 


and aren't an attempt to obfus- 


cate real earnings. Islandia, 
N-Y.-based CA prepared a press 
the 


on 


responding to 


that, 


release 
Times’ 


standard 


claim based 
accounting 


“sales have fallen 


proce- 
dures, CA’s 
almost two-thirds over the last 
six months” and that it’s using 
a new financial repor } 

last October, 


tem, started 


a smoke screen to cover it. 


The newspaper based its con 
clusion on CA's April 16 pre- 
liminary fourth-quarter results 
which CA 
be 


$732 million, a decrease from 


announcement, in 


stated its revenue would 
the previous year’s $1.9 billion. 

Although CA had reported 
on a pro forma/pro rata basis 
annual revenue of $1.44 billion, 
up from last year’s $1.39 billion, 
the article shook up investors 
enough the firm’s 
stock to plummet by more than 
1% on April 30. In a press con- 
ference that day, CA 
President and CEO Sanjay Ku- 
mar defended the numbers and 
said the Times hadn't fully tak- 
en into account the use of the 
new accounting model, which 
books the value of a contract 


Tale of Two | 


Procedures 


In the case of a three-year, 
$3 million license fee trans- 
action: 


OLD SYSTEM: All $3 million 
is realized as revenue in the quarter 


to cause 


same 


s0 $250,000 is realized each quarter 
until the contract ends. 


incrementally on a monthly 
previously, CA _ had 
booked the full value of such 
contracts upfront. Kumar said 
the newspaper overlooked the 
fact that under the new model, 
CA had also reported $1.3 bil- 
value,” or 
backlog, which isn’t consid- 


basis; 


lion in “residual 


ered revenue. 
Several analysts maintain 


that the dispute amounts to a 
half-empty/half-full water glass 
conundrum. 

Both sets of that 
CA uses are useful to evaluate 


numbers 


its performance, said Chris 
Mortenson, an analyst at in- 
vestment bank Deutsche Banc 
Alex. Brown Inc. in New York. 
While the changeover in ac- 
counting methods should make 


observers cautious, there is 
“nothing in it to lead any ana- 
lysts to believe they’re cooking 
their books,” Mortenson said. 
The company’s cash flow has 
been strong, and that’s the key 
metric to evaluating a firm’s 
health, he said. 

Either way, the dispute won't 
affect CA’s enterprise users, 
said Richard Ptak, an analyst at 
Framingham, Mass.-based con 
sultancy Hurwitz Group Inc. 
It’s just an “accounting dis- 
pute,” Ptak said. D 
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[It’s just an] 
accounting 
dispute. 


RICHARD PTAK, ANALYST, 
HURWITZ GROUP, ON WHY THE 
CA-NEW YORK TIMES DISPUTE 

WON'T AFFECT USERS 


Microsoft Plans to Simplify 
Integration With Identrus Net 


Products aimed at financial services firms 


BY JAIKUMAR VIJAYAN 
ICROSOFT CORP. 
is working to 

make several of 

its core prod- 
ucts easier to 
integrate with Identrus LLC’s 
secure global network for fi- 
nancial services firms. 
Under an agreement 
tween the firms an- 
nounced last week, Microsoft 


be- 


two 


will add new hooks and tools 
to products such as Windows 
2000 and .Net 
servers that will help them 
work better with the Identrus 
network. 

Microsoft will work 
with Blue Bell, Pa.-based Uni- 
Corp. and Dublin-based 
Baltimore Technologies PLC 
to develop and sell a prepack- 
aged, Identrus-ready technol- 
that financial 
vices firms can use to quickly 
secure high-value, Internet- 


enterprise 


also 


SVS 


ogy suite ser- 


based transactions. 

New York-based Identrus 
was established by eight lead- 
ing global banks, including 
ABN Amro Bank NV, Bank 
of America Corp., The Chase 
Manhattan Corp. and Citi- 
group Inc. 

Since 1997, Identrus has been 
building a global system based 
on public-key infrastructure 
(PKI) and aimed at letting 
financial institutions and cor- 
porate trading partners reli- 
ably identify one another dur- 
ing e-commerce transactions. 

| The system is also designed to 


| 
| 
| 
| 


create nondisputable records 
of the transactions. 

Identrus has prescribed spec- 
ifications, standards and inter- 
operability test processes that 
technology vendors must meet 
to be able to sell to member in- 
stitutions. More than 45 banks 
are currently part of the Iden- 
trus system. 

The agreement with Micro- 
soft means that more applica- 
are becoming available 
to meet these requirements, 


tions 


said Laura Rime, an Identrus 


director. 


Simpler for Banks 

As part of the agreement, 
Microsoft will integrate prod- 
ucts such as Windows 2000 
and BizTalk with an Identrus 
tool kit that specifies how mes- 
sages are to be handled within 
the Identrus system and how 
validation of certificates should 
work, Rime said. 

Such processes are already 
possible but typically take time 
and integration efforts by Iden- 
trus’ member banks, she said. 
The agreement will make it 
simpler for financial institu- 
tions to bring Microsoft prod- 
ucts into the Identrus network, 
Rime said. 

“It’s a great win for Identrus, 
because the integration effort 
was always forced on banks,” 
said Pete Lindstrom, an analyst 
at Hurwitz Group Inc. in Fram- 
ingham, Mass. “Identrus wants 
to make access to their service 
as ubiquitous as possible. This 


makes it easier for them to get 
the message out to prospective 
banks that there is no integra- 
tion required [on the client] 
side.” 

Products such as Windows 
2000 already support both PKI 
for secure 
e-commerce, Bill Hart- 
nett, global director of finan- 
cial services at Microsoft. 


and mechanisms 


said 


However, “there are certain 
pieces of the Identrus standard 
and certain Identrus-specific 
[requirements] that need to be 
met,” which Microsoft is now 
integrating into its products, 
Hartnett said. He added that 
Identrus-ready Microsoft prod- 
ucts should be available in the 


second half of this year. 
Microsoft, Unisys and Balti- 
more plan to 
design, develop and sell a Win- 
dows 2000-based technology 
suite that Balti- 
more’s Unicert PKI technology 
with Unisys’ applications, sys- 


Technologies 


combines 


tems integration services and 
project management and con- 
sulting services. 

The suite will include Iden- 
trus-compliant smart card man- 
agement technology, a digital 
signature system, 
validation services, Federal In- 
formation Processing Standard 
1401-1 Level 3 hardware securi- 
ty modules and secure transac- 
tion logging services. D 


messaging 


A Transaction in the Identrus Network 


Certificate 7 
validation 7 
Bank 1 


Real-time 
certificate/identity 
and credit Bank 2 


Certificate 
hy, validation 
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BRIEFS 


Micron Sells PC Unit 
To Turnaround Firm 


Micron Electronics Inc. last week 
announced a deal to sell its money- 
losing PC business to a Los Ange- 
les-based company that tries to turn 
around struggling technology ven- 
dors. The sell-off agreement with 
Gores Technology Group comes six 
weeks after Nampa, Idaho-based 
Micron disclosed plans to exit the 
PC market and refocus its opera- 
tions on Web hosting services 
aimed at small and medium-size 
companies. That decision followed a 
loss of $168.9 million in Micron’s 
second fiscal quarter, which ended 
March 1. 


Vignette Corp. Cuts 
200 More Jobs 


Vignette Corp., a supplier of e-busi- 
ness applications, has laid off 200 
employees, or 10% of its workforce. 
The announcement came less than a 
week after the Austin, Texas-based 
company reported a first-quarter 
operating loss, excluding special 
charges, of $8.1 million, or 1 cent per 
share, on revenue of $90.1 million. 
Vignette already laid off 450 work- 
ers in January. 


Adobe to Shut Down 
For One Week in July 


In a step similar to those taken 
recently by Sun Microsystems Inc. 
and Hewlett-Packard Co., San 
Jose-based Adobe Systems Inc. 
said it will shut down operations 
during the first week of July. The 
company is requiring its approxi- 
mately 2,000 employees in North 
America to take that time off. Adobe 
said the move is expected to save 
the company $400 million. 


Short Takes 


Pleasanton, Calif.-based PEOPLE- 
SOFT INC. said it plans to acquire 
SKILLSVILLAGE INC., a Sunnyvale, 
Calif.-based supplier of contract 
service management software, for 
$33 million. . . . E-commerce host- 
ing firm LOUDCLOUD INC., also in 
Sunnyvale, said it’s planning to lay 
off 122 workers, or 19% of its work- 
force, in an effort to achieve a 
break-even cash flow. 


NEWS 


Providers With 


Developed in-house, optical technology 
will help vendor compete with Nortel 


BY JAMES COPE 
AND LUCAS MEARIAN 
LTHOUGH CISCO 
Systems Inc. is 
the dominant sup- 
plier of 
prise networking 


enter- 


equipment, 
vendor lags in the service pro- 
vider category where tradition- 


analysts said the 


al telecommunications equip- 
ment manufacturers like Nor- 
tel Networks Corp. rule. 

But Cisco maintained that an 
optical switching system it an- 
nounced last week should help 
in its quest for a bigger share of 
the service provider network- 
market and at the same 
time open a door to the stor- 
age-area network (SAN) arena. 


ing 


Cisco’s new system is called 
the ONS 15540 Extended Ser- 
vices Platform (ESP). Compa- 
ny Officials said it was devel- 
rather than 
through acquisition, as were 


oped in-house 
earlier products in the Cisco 
optical line. 

The ESP employs Dense 
Wavelength Division Multi- 
plexing (DWDM), a technolo- 


Cisco largets S 


gy that increases bandwidth by 
shooting different data streams 
at different 
wavelengths over the same op- 
tical fiber. The initial system 
will accommodate as many as 


frequencies or 


7 


32 individual wavelengths that 
can operate at 
from 16M bit/Sec. to 2.5G 
bit/sec. The 
tem will sell for $67,000 
ind is expected to be 


available month, 


speeds 


basic sys- 
? 4 


next 
Cisco officials said. 

Cisco’s main competi- 
tor in this area is Bramp- 
ton, Ontario-based Nor- 
tel and its Optera system. 
AT&T Corp. plans to 
use both systems for its 
Ultravailable Broadband 
Network, an optical net- 
work for large corporate 
customers, said Bernie 
McElroy, vice president 
of business development 
for business continuity 
solutions at AT&T. 

But McElroy wouldn't 
comment on the cost and 
performance difference 
between Cisco’s and Nor- 


Exodus CEO Details Moves 
In Management Ranks 


CFO, COO among 
those departing ISP | 


BY JAMES COPE 
When Exodus 
tions Inc. announced last week 
that Chief Financial Officer 
Marshall Case was leaving, of- 
ficials failed to mention that 
the company’s president and 
chief operating officer, Don 
Casey, was departing too. 

But after inquiries from ana- 
lysts, Exodus Communications 
Chairwoman and CEO Ellen 
Hancock held a conference call 
to clarify management changes 


Communica- 


at the Santa Clara, Calif.-based 
Internet service provider. 
Hancock Casey, 
previously 
Wang Laboratories Inc. in Bil- 
lerica, Mass., and signed on 
with Exodus a year ago, “chose 
to leave the company.” His de- 
parture, she said, was associat- 
ed with a management realign- 
ment to help Exodus “achieve a 
single and integrated face to 
the global marketplace.” 
Casey’s responsibilities have 
been split up among Hancock, 
Laurie Priddy, who is executive 
vice president of North Ameri- 
can operations, and Sam Mo- 
hamad, president of sales and 


said who 


was president of 


ervice 


Switch 


tel’s systems; instead, he said 
the brand of equipment AT&T 
installs depends on the appli- 
often, end-user 


cation and, 


preferences. 


SAN Market at Stake 

David Willis, an analyst at 
Meta Group Inc. in Stamford, 
Conn., said that although the 
new Cisco system may have 
some price advantage com- 


CISCO’S DWDM OPTICAL 
system switches as many as 32 optical 
wavelengths at up to 2.56 bit/sec. 


international field operations. 
Priddy will manage the com- 
pany’s domestic data centers. 
She was COO at Web hosting 
services firm GlobalCenter 
Inc. before Exodus acquired it 
from Hamilton, Bermuda-based 
Global Crossing Ltd. in January 
for $6 billion. 
Mohamad, who has 
been at Exodus since 
1997, will assume re- 
sponsibility for mar- 
keting and _profes- 
sional services in ad- 
dition to his current 
sales duties, Hancock 
said. She also noted 
that Morris Taradal- 
sky, executive vice 
president of engi- 
neering and technol- 
ogy, who previously reported to 
Casey, will now report to her. 
Beverly Brown, Exodus’ ex- 
ecutive vice president and 


CEO HANCOCK: The 
executive shuffle was 
done to “achieve a 
single . . . face.” 


pared witl 

Cisco still do 

strong relations 
vice providers, | 

large carriers, that Nor 

But Grier Hansen, ar 

ga Infor 


in Cambridge, Mass., said th 


10n Gr 


new system makes Cisco 
at the core 


n-area net 


A key question 
the new DWDM prox 
help Cisco penetrate t 
tive SAN market. 

Bob Zimmerman 
inalyst at Giga, said 
lieves it will. He pre 
Cisco’s move into tl 

arena will 
petition with San Jose- 
SAN 
technology leader Bro- 


ignite com- 


based switching 
cade Communications 
Systems Inc., which 
owns 60% to 90% of the 
switch marketplace. “I 
think Cisco is going to 
dominate that discus- 
sion,” Zimmerman said. 
But Bras! 


an analyst at Strategic 


Greg 


Research Corp., a net- 
work storage 
ment market 
firm in Santa Barbara, 
Calif., DWDM in 
the SAN marketpiace 
is still very much 
its infancy. 

“Most [potential buy- 
ers} won't even know what 
[DWDM] stands for,” he 
said. D 


manage- 


researcn 


said 


chief marketing officer, 
also left the firm. Hancock saic 
that 


leave for some time for person- 


Brown had 
al reasons. 

Dick Stoltz, step 
down as COO and CFO at Ex 
dus in January of last year, 
will 


who 


take over the 
day-to-day financial 
duties previously per- 
formed by 
Hancock said. Stoltz 


has 


volved with 


Casey, 


remained in- 
Exodus 
since his departure, 
serving 
adviser for 
and finance 

[wo 


aS a senior 


strategy 


weeks ago, 


Exodus reporte 


i 
i a 


cc d 
net cash loss of $118.3 
million for the first quarter of 
2001, compared with a net cash 
loss of $60.2 million 
same period last year. D 


for the 
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Security Proofs 


HE ONGOING SECURITY screw-ups with Microsoft’s Win- 
dows 2000 must have corporate customers steaming. Only 
last week, the most serious one yet turned up, this time as 
a flaw in an extension to the server operating system that 
could give a malicious intruder free rein on a company’s 


internal network. Enterprise users 
running Microsoft's Internet Infor- 
mation Services 5.0 software were 
urgently advised to install the avail- 
able patch immediately. 

This latest alarm bell rang only a 
week after Microsoft had to admit 
that 26 of its largest support cus- 
tomers — those paying for Gold and 
Premier levels of service, no less - 
were exposed to the FunLove com- 
puter virus. How? Through Micro- 
soft’s failure to follow its own virus- 
scanning policies, leaving potential 
attackers with a conveniently open window, so 
to speak. 

As Microsoft lumbers up its steep learning 
curve on security, it’s clearly making that climb 
on the backs of your businesses. And it’s hap- 
pening at a time when the twin business imper- 
atives of e-mail and e-commerce are exposing 
more corporate systems to hackers every day. 

No wonder IT security professionals are 
swiftly moving out of back-office support roles 
and into strategic positions. “The higher the 
stakes get, the more security is a business is- 
sue,” notes David Foote, a consultant quoted in 
one of our stories this week [“The New Securi- 
ty Pro,” page 69]. 

But let’s suppose that Microsoft and the 


growing cabal of security product vendors 


T Pon’T ttNow Wuo 
TO PELIEVE- THE 
QUAVRILLION USERS OR 


THE WAZILLION DOLLARS 
(IN REVENUE . 
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MARYFRAN JOHNSON iS 
editor in chief of Comput- 
erworld. You can contact 

her at maryfran_johnson@ 
computerworld.com. 
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were really listening to customers. 
What would they offer you? We 
took a look at that question in an- 
other story this week, “Managing 
the Virus Threat” [page 66], and dis- 
covered that security pros need a 
“single-console” approach to man- 
age the hodgepodge of cross-plat- 
form antivirus products. Imagine 
being able to coordinate dozens of 
antivirus updates from multiple 
suppliers, or to get new virus alerts 
equipped with preventive measures 
before the vendor patch is delivered. 

Ah, but here’s the catch: All of the above ca- 
pabilities would require far too much coopera- 
tion and customer focus. As one security prod- 
uct manager candidly acknowledged in our 
story, any vendors that provide such a single- 
console approach are “basically admitting 
their full complement of products isn’t a good 
approach.” 

As Microsoft has proved repeatedly of late, 
even the company that owns the underlying 
platform can’t do security right all by itself. It 
needs to work in concert with other providers, 
and all of them need to lose that “not invented 
here” mind-set that puts vendor spin first and 
customer needs second. 

Serious about enterprise security? Show us 
some proof for a change. P 


PE Oot compurzRWORLD 


COMPUTERWORLD May 7, 2001 


PIMM FOX 


a 
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B2B: You Can 

“oe ~ e 
Find Success in 
P 1 > Sj Ae 

rivate sites . 
USINESS-TO-business e-commerce 
exchanges are getting a bum rap. 
Business executives say they don’t 

live up to the hype, and vendors rattle 
Wall Street with lackluster earnings and 
sales. But this isn’t the complete story. Most of 
this angst concerns public B2B exchanges. 

For real success, look at what’s going on with 
corporate or private B2B marketplaces. Private 
exchanges for major corporations such as IBM 
and Sikorsky Helicopter have inherent advan- 
tages that public exchanges may never acquire. 

First, owners of private exchanges regulate 
supplier and customer access — and exclude 
competitors — making 
the sharing of sensitive 
information more likely. 

Second, owners can 
direct suppliers and cus- 
tomers to use the ex- 
change through price in- 
centives or by mandating 
changes in the way to con- 
duct business. vane Pex is 

Computerworld’s West 

Coast bureau chief. | 
Contact him at pimm_fox@ | 
projects and customers, sities 


Third, private exchanges 
can be secured and tai- 


lored to serve specific 


unlike public exchanges, which must be generic 
so as to accommodate everyone. 

For example, at Sikorsky, Darryl Toni, a senior 
technical structures engineer who works on the 
composite material that goes into the Army’s Co- 
manche helicopters, manages drawings for the 
airframe, landing gear and propulsion system, us- 
ing a secure private exchange to cut the time and 
cost of documentation and drawing revisions. 

“We've been able to save about 20% of our time 
in the structures area,” Toni says. Using the pri- 
vate exchange and technology from Santa Clara, 
Calif.-based Nexprise also meant eliminating the 


| contractual requirement to produce six volumes 
| (at 600 pages each) of paper documentation for 
| the Army. “It used to take 12 engineers a couple of 


months to produce this,” a task that’s now elimi- 


| nated, he adds. 


IBM, meanwhile, has saved about $1.7 billion 
since 1993 by being able to divulge sensitive price 


| and inventory information over a private ex- 
| change built for 25,000 suppliers and customers, 
| says Bill Paulk, IBM’s vice president of e-market- 


places. As host of the exchange, the company 
helped defray the cost of connecting suppliers. 
The payoff: On-time delivery to customers soared 
from about 50% to close to 90%, “which helped 
justify the cost,” Paulk says. 

Public exchanges such as Cordiem, which 
serves the aviation industry, and the automobile 
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Divide and Conquer 
Helps in Move to 


[P Telephony 


Merging voice and data on a single network can be 
surprisingly painless, if you plan properly and divide 
the work into doable projects 


[HE ECONOMY Is sLow1nc: the board of directors is hitting you over 
the head to cut costs; yet they want employees to be more 


productive than ever. 


inswer may D first quarter of last year to 80,000 in the tourth 


IP based network rf raditional world of sep 
to IP telephony, in-which voice 
the same corporate networt 
1, can reduce your investment in network 
nfrastructure and reduce costs for support 
ministration. A single converged net 
uso m ike S It easier and more Cost ettec 
sloy new applications that increase 
l or enhance customer service 
he numbers show that migrating to IP 
telephony is possible and profitable right now 
ording to a survey by Stamford, Conn 
ed Meta Group Inc., 26% of enterprises 
have already begun to move to integrated voice 
data networks, and 42% plan to begin 
such a migration within the next two years 
Iwo thousand Cisco Systems Inc. customers 
have already implemented such merged net 
works, ranging in size from several hundred 
phones to 25,000 phones. Cisco's shipments of 


IP phones rose from just over 30,000 in the 
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previously cost between $ und 
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THE MIGRA ; 

something which hap 


I pened around 150 times 


GRADING] A NOR per semester, says direc 


rmation tech 


TION 


Patrick Olson 


basically 


he says, because 
the campus’s IP tele 
phones can retrieve their configuration information 
from the network wherever they are plugged in 
Another benefit, which is especially attractive 
during downturns, is that IP telephony makes 
greater use of an existing corporate asset, meaning 
that both the sunk costs of the current network and 
the costs of future upgrades will improve both data 
ind voice delivery 
Finally re is the harder to quantify, but very 
real benefit, of using a combined voice and data net 
work to deliver new information and services to 
customers that were possible before. These 
include existing technologies such as unified mes 
ing, which is the ability to access and immedi 
ely respond to voice, fax and e-mail messages from 
any phone or PC within the enterprise. Brock fore 
sees a day when the voice and data network will 
allow a member of the college’s business staff to talk 
a student through a Web-based class registration 
process, which will improve service to students and 
cut the school’s administrative costs 


Customers are finding that adding voice traffic 


places relatively small demands on today’s robust 


data networks. They are also finding that features 


such as 10/100 Ethernet switches embedded within 
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Migration Fears 
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some customers, can be 
ts such as Cisco Systems 


(DPA) 
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1e costs of IP te equipment and converged 
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Howevel! 
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| 
ear their net 
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ting in either poor 


resul 


slow data delivery 


seat 


p utment of Information 


in, estimates the IP 


y 


| - - t Id } + 
telephony network cost less than it would have cost 


f 


rate data network 


vice traffic to piggyback 


] 
which is alreac 


IP te 


for a traditional private-branch exchange (PBX) and 


lephony also allows 


on the data network 


in place and is an accepted cost of 


doing business. “The [network] is going to be con 


tinuously upgraded over 


time anyway” to handle 


more data traffic, says Brock, with each upgrade 


adding 


capacity which can 
ation can get 
new, IP-based system 
must co-exist with exist 
ing voice-mail systems or 
PBXs, says Cisco’s mang 


er of technical marketing, 


Ss 


Bill King. For that reason 

he says, if an installation is 

relatively small Say 
‘ 


several hundred users 


“sometimes it just makes 


be easily used for voice 


a bit difficult when the 


, ROBUST 


WILL ASSURE GOOD VOICE QUALITY 


sense to replace everything all at once.” But “when 


\ t - ] - 
you've got 20,000 users, you don't pull everything 


out overnight,” says King 


“We learned to take a 


gradual approach” in Cisco’s own migration to IP 


telephony, he says, and has since been migrating log 


rd 


ical groups of users to converged networks, inter 


connecting the new system with the older PBX, and 


then over time adding more users to the converged 


network while 1 hem from the PBX 
Telecom ma ) vork administrators 
ilso have to lialing plan so “calls get rout 
without confusion,” he says 
tion, as you add and delete 
zetting messed up” by 
inadvertent] ning the same extension num 

systems 

has simply not been an issue 
rding to several customers. “I 
ho lives here in town — he could 
ul,” says Brock. That 
come as a surprise to anyone who has ever 
eard the pi | delays caused by the 
latencies as a lo listane traverses the public 
Internet. But on a more 
htly controlled corpo 


network, there's 


DATA NETWORK 
usually capacity to spare 
for voice traffic and it’s 
easier than on the Web to 
give voice traffic the pri 

ority it needs 

Consider, for example 

a 400-port switch lin 
to a Gigabit Ethernet network. Since calls are car 
ried over the network as 64K bit/sec. voice samples 
combined with 16K bit/sec. of header information 
says King, even if all 400 phones connected to the 
switch were in use at once they would take up less 
than 5% of the bandwidth available on the link 
“There’s a misperception that voice has a big 


impact on the network,” he says. “It really doesn't on 
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1 priority packets, says King, making 
ackets which make up the hi 


mo! | 


MOre closely t 


to 
ets which make up, say, a Web pag 
Customer Service Over IP 

Algonquin College didn't start out looking to 
move to IP telephony. All it needed, says Brock, was 
away to provide VOl and data V1 to anew res 


idence ha 1pus. Priot 


ports could be added, says 
It either had to be 

i new switch 

in or we had 

ther solu 


1 
wanted wa 


1 time, ¢ 


LI tL 
could be voice over IP, it 
could be a voice switch 


nd data switches or any 


combination thereof 
if. 
| fi 


1 ] 
The college recelvec VC 


bids for the work, four of 
which were traditional 
combinations of telephone 

1d data switches with 
the fifth based on Cisco's 
Architecture for Voice 
Video and Integrated Data 
(AVVID), says Brock. He 
retired the Nortel switch 


and replaced its core Cisco 

3500 switches with Cisco 

6509 switches and upgraded the switches in the 
buildings to be served by IP telephony from Cisco 
2924s to 3524s in both cases for the quality of 
service capabilities in the high-end switches and to 
provide in-line power to the phones. The school’s 
core Gigabit Ethernet backbone is linked to the 


local switches by 100M bit/sec. Ethernet 


By August of 2000, the college was able to provide 
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combine 


| 


hall | | 
dence hall and to two academic 


I] 80 users at a remote campus 


users. That number is expected to rise to 1,000 


and 1,400 by next spring, says Brock, witl 


the entire 2,500 phones on 


school’s campuses 

being IP enabled within three to five years 
Like other custon ind Cisco itself, Brock 
found that moving all his users to IP telephony at 
once would be cost prohibitive. While he declines 
to give costs for his IP telephony rollout, he does say 
f you're not overly rich,” the best times to con 
grating to IP telephony are when building a 


new facility or when doing a significant upgrade to 


r} . t t - . ] 
the corporate data network, when voice capabilities 


can be added at relatively 
to ae Bes 
LICTIC expense and can 
ZATION SCENARIO pave the way for a future 
IS IF SOMEONE IS decommissioning of the 


LOOKING Al existing telephone net 


: work 
sNIFICANTLY 


Another attractive 


} 
ne 


migration scenario 
Says, IS “If someone Is 
looking at significantly 
improving client serv 
ice For Algonquin 
College, that meant mak 
ing it easier for its clients 
(the students) 
everything from register 
ing for courses to check 
ing to see if a scholarship 
check had arrived. “Right 
now,” says Brock, “all a 
client services represen 
tative does is take a 
phone call and look at a 
student’s record online 
There's no Web follow-up, no collaboration, no ¢ 
mail, [online] chat or anything like that 
The real benefits will come, Brock hopes, within 
two years with the advent of integrated messaging 
for the client representatives. Right now, different 
groups of employees answer student questions that 
come in through phone calls, e-mail, paper mail or 


fax. With IP telephony, any employee will be able to 
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inswer any question 


ess of how the student 


sentative 


Under this scenario, if a student can't find what 


1] 


he needs on the school’s Web site, for example, “all 


he has to do is push a button and send his phone 


number to customer service] agent” who c 


utomatical ll the student, says Brock 


Web page he’s looking at 


VE GOI 


LL EVERYTHING 


OVERNIGHT, 
) Site 
Brock SCCS 
service improve 
is being more 
important than any cost 
which he 


savings over a traditional phone system 


| 
even sees as “a Wasn 


on : 
> telephony wont be a big cost-saver 


One reason II | 


in the rt run is training time for his IT staff 
While his staff was experienced in Cisco equip 
ment, “it was still a very steep learning curve for my 
staff just understanding how the technology 


l 14 
voice and data sys 


worked, understanding how t 
tems interacted with each other” as well as the pro 
gramming required to set up the IP telephones for 
service. The same will be true for the client service 
representatives, he says, who are only now moving 
away from “green screen” terminal emulation appli 
cations to more integrated applications 

In the short term, we will probably get improved 
service as opposed to cost savings,” he says. True to 
his own advice, he plans to move other users to IT 
telephony as upgrades to the existing data network 


make it feasible, moving toward his long-term goal 


of truly unified messaging to improve the college’s 


customer support. “That’s where we're going to 


reap the benefit,” he says 


Real Reason for Migration 

Regan is the first to admit his migration to IP 
telephony wasn't typical: He converted the 350 
users in the state of Connecticut's Department of 
Information Technology in a very short time after a 


flood knocked out everything in the basement of a 


1] 
nter . 
A COCLTILCE VV AL ul 


y did things in about 


l . 
two weeks,” says Reg 


The migration is no worse 
re [upgrading] a normal voice 
had to relocate his IT staff toa 


lot t wll . 
hew Cata cer ind get their phone service up ind 


running very quickly 
But the march to IP telephony wasn't entirely 
forced xan had already merged the IT groups 
vhich supported voice 

data networks, “so 
we were very interested 
in looking at converged 
solutions.” He was hop 
ing a combined voice and 
data network would be 
less expensive to manage 
than separate \ ind 
data networks for the 

ind that if anyone within the 

state gover! t were to try it first, “it should be 
us. We wanted to be our own 


ed to understand t 


guinea pigs; we want 
technology first 
Dealing with 


relatively small number of users 
Regan had the luxury of doing a clean cutover; a 
migration path for relatively small installations is 
often the easiest proc re. “When folks showed up 
in their new office,” they had a new IP telephone 
and new number, he says. He left their older num 


bers In Operation for as much is [our to SIX wee ks 


need to provide links between old and new voice 
mail systems 
Such a “flash cut makes sense for sites with fewer 


than about 300 to 500 users,” says King. “If they 


already have a Cisco network in place, a lot of the 
installation work can take place in advance since 
the phones, Cal er system and gateways for 
inbound and outbound calls can be installed and 
tested without affecting the PBX equipment already 
in place 

The move to IP telephony was not only faster, but 
also less expensive than building two new net 
works for voice and data, says Regan. Learning the 
technical skills to manage the converged network 
was not a major issue. “Within a month to six 


weeks, | think our folks were very comfortable with 
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coming through that learning curve,” s Regan 


\ bigger challer he says, is confusior 
between the merged voice and 
‘where the lines are « 
i traditio 

very distinct. Typically, w 
you knew who to call,” but on a con 

it could be something the guys on the 
working side did that caused” a problem with voice 
traffic over the network 

But the blurring of the lines is a good 
ictually part of what he hoped to see from 
tion of IP telephony. “We're not look 
guys’ and the ‘data guys’ anyn 
We're looking at ‘network guys 


While pleased with the speed of installation and 


1 L W 
the quality of the voice service, Regan will take 
i ' eakeak al 
case-by-case approach to migrating more of 
state’s 50,000 workers to IP telephony 
determined we're going to go only \ ove! 


xoing forward,” he says. Th 1oice of telephone 


technology will deper each agency’s needs, the 


- 1] 
cap icity of its existing dat inetwork to handle voice 


ind its financ ial situation 


Cisco: “Shrink and Grow” 

Cisco itself has learned the benefits of a gradual 
move to IP telephony since beginning its internal 
migration in 1998. Today, more than 60 more 
than 20,000 users at its San Jose, Calif. campus are 
using an IP telephony based system, with the rest 
expected to follow by the end of the year 

IT staff must examine the entire network infra 
structure to ensure it can handle the additional load 


of voice traffic, and to develop an end-to-end quali 
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ty ol service pl in for the entire network. In the early 
stages of the rollout, for example, many Cisco users 
access to oF 10M _ bit/sec. network links 

rather than the 100M bit/sec. network which can 
handle speed sensitive voice traffic much more ¢ 
ily. In addition, many of the older Cisco Catalyst 
switches in the Cisco LAN did not support 
advanced quality of service features, which assure 
voice packets top priority on the network. Making 
a gradual move makes it easier to upgrade key sec 
tions of local and wide-area networks as needed 
rather than making the move to IP telephony 
dependent on a company-wide network upgrade 
Uninterrupted Service 

\nother reason to migrate one group of users at 


time Is the need to maintain uninterrupted telc 


] 
cutover. 


phone and voice-m ce duri 

large enterprise requires that both the 

ms co-exist. Many customers 

and want to keep, existing voice mail 

1 vendors st is Lucent Technologies 

Messaging Division rather than be 

forced to replace their voice mail at the same time 
they upgrade to IP telephony, says King 

Cisco's Dig 


gital PBX Adapter (DPA) typically sits 
between an Octel voice-mail system and Cisco's 
CallManager, emulating the digital phone protocols 
e Octel system expects to see. DPAs can also be 
configured so that users accessing either a PBX ora 
Cisco IP Telephony CallManager system can access 
the same Octel e mail system. This can allow net 
work managers to keep PBXs in operation for part 
of an enterprise while the network infrastructure is 
prepared for others to begin using IP telephony 
That is exactly the approach Cisco is taking 


which King calls “shrink and grow.” This means 


installing an IP telephony system for a department 
or building, or a particular local exchange number. 
that makes up a “community of interest” or logical 
group which can be migrated all at once 

The new system is linked to the existing PBX 
usually with primary rate interface (PRI) trunk 
lines to provide a common dial plan between th: 
new and old systems, he says. In the case of an older 
Lucent Technologies PBX co-existing with a newer 


Cisco CallManager system, for example, Cisco 
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CallManager can be configured so that it automati 
cally routes calls on the older system to the PBX 
over the trunk line. Systems can even be configured 
so that all outside calls, for example, “could be rout 
ed across the old system and out the old trunk line 


Over time, network administrators can grow the 


new system by adding users, while shrinking the 


older system by moving users off, he says. “The end 
game is to move all the users” to the newer IP 
telephony system, he says, but in a controlled way 
that ensures uninterrupted service and good voice 
quality 

Such peaceful coexistence, of course requires a 
properly designed “dialing plan,” or numbering sys 
tem, that assures no numbers are duplicated across 
the systems. Customers often want to preserve as 
much of their current dialing plan as possible, says 
King. Changing the dialing plan is a manual process, 
he says ‘You have to add the extensions to the 
new system and delete them from the old” — anoth 
er reason to go slow and move, say, a floor or a build 


ing at atime to the new system. “It makes it easier to 


keep track of the moves,” he says 


Vacation Upgrade 

With 500 telephones in use, Menlo College was 
small enough to consider a “flash cut” where all 
users were moved to IP telephony all at once. And as 
i college, it had another advantage: Summer break 
when the campus was quiet enough to combine a 
network upgrade with the move to IP telephony 

Before the upgrade, the college was served by a 
shared 10M bit/sec. LAN in four of the campus’s 13 
buildings, linked by a fiber ring, but students lacked 
access to the on-campus LAN and had slow dial-up 
connections to the Internet. IP telephony would, 
igures Olson, eliminate the need for a full-time per 
son to execute telephone wiring changes on cam 
sus, and allow him to use IP networking skills “we 
already have” to manage the voice network as well 
inally, the new system would open the door to 
uture applications such as teleconferencing and 
Web-based registration 


The $1.95 million project, which was completed 





netween late May and late August, included 
upgrading the campus network to an intermediate 


distribution frame Gigabit Ethernet network run 


ning over four fiber rings throughout the campus 
linked to ) tal 5509 itch at the d 

linked to a Cisco Catalyst Od( switch at the data 
center and Cisco Catalyst 6000, 4000 or 3500 
switches in each building. Olson expects to recover 


: 
five years through reduced 


his investment within 
support costs and the ability to sell telephone serv 
ices for which they would have otherwise paid 
Pacific Bell 

Olson says he found the construction work need 


, ' 
ed to upgrade the 


l 
+} ] 


physical network a greater chal 


lenge than anything related to the network upgrade 
aon Irelen} t ‘ f ¢} 
or the IP telephony system. Because of the amount of 
capacity now available on the campus network 
eu hack bem aro ek) 
voice quality hasn't been a problem — and his main 
advice to other customers is that running “a proper 
robust data network” will assure good voice quality 
Five hundred t 


es on top of a Gigabit net 


work is nothit 


Lessons Learned 

The experiences of Cisco and its customers show 
that the migration to IP telephony is possible and 
cost-effective. That is assuming customers make the 
necessary t their existing networks; con 
duct the migration in phases to allow for migration 
from (or co-existence with) legacy voice mail and 
other systems and allow time for training all the 
necessary staff members 

Once this is done, the rewards are high-quality 
voice calls; reduced support and lower management 
costs over time; and the ability to roll out advanced 
applications such as unified messaging and video 


conferencing, which can vastly improve employee 


productivity 
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industry’s Covisint are stymied because competi- 
tors won't reveal proprietary information about 
procurement methods. Nor can exchange mem- 
bers be uniform in mundane-but-expensive areas 
such as invoicing, inventory management and 
documentation, forgoing even those cost savings. 

AMR Research, a Boston-based researcher of 
e-business strategies and technologies, estimates 
that 20% of the cost of goods sold, or about $450 
billion, can be taken out of the global supply chain 
by using both public and private B2B exchanges. 

Although they grab headlines, industry-based 
exchanges will never help the bottom line, be- 
cause they can’t target specific customers, im- 
pose business changes on a network of suppliers 
or be repositories of critical company data. 

But companies that create and use private ex- 
changes can drive real business efficiencies; that’s 
what B2B e-commerce is about. D 


LENNY LIEBMANN 


... And It’s All 
About How You 
Relate to Others 


ROAD MARKET labels can be use- 

ful in identifying emerging trends, 

but they can be misleading when 
it’s time for your company’s particular 
implementation. Business-to-business 
e-commerce, or B2B, is a prime example. It’s a 
term that originally came about to distinguish 
business-to-business activity on the Web from 
consumer-focused initiatives, or B2C. 

But any moderately perceptive observer will 
notice tremendous variation in the objectives — 
and therefore the technical architectures — un- 
derlying corporate B2B efforts. That’s why I’ve 
come up with a taxonomy that’s proved quite use- 
ful in planning and evaluating those efforts. 

Basically, I divide B2B into three categories I 
call AFL: acquaintances, friends and lovers. 

Acquaintances are other businesses that your 
company deals with on an 
ad hoc basis. They peruse 
your offerings, make buy- 
ing decisions based on 
price and value and exe- 
cute transactions. These 
buyers may differ from 
consumers in that they 
use purchase orders and 
set more stringent sale 
conditions, but in many 
ways, acquaintance-class 
B2B isn’t actually that dif- 
ferent from B2C. 

Friends enter into more 
stable relationships. They may execute repeat/re- 
fill orders with some consistency. They may ne- 
gotiate special volume pricing. In fact, one com- 
mon sign of “friendship” is the existence of a for- 
mal contract covering terms, support and the like. 


LENNY LIEBMANN is an in- 
dependent consultant 
specializing in the align- 
ment of IT resources with 
business goals, Contact 
him at limann@home.com. 


Lovers are your company’s most strategic part- 
ners: key suppliers, major customers or prime dis- 
tributors. Relationships with lovers are long term 
and offer sufficient perceived value to be worth 
considerable investments of time and money. 

Why are these distinctions important? For one 
thing, they have a significant impact on technical 
implementations. It often makes sense for lovers 
to work out tight integration between each oth- 
er’s ERP systems; not so for acquaintances. 
Friends may fall somewhere in between, gaining 
access to a secure extranet site. Acquaintances 
may use the public Internet, while friends war- 
rant a virtual private network. Lovers may go so 
far as to implement a private IP link. 

These distinctions also give technologists and 
business managers a common language with 
which to discuss B2B initiatives and require- 
ments. Are we trying to gain market share 
among acquaintances? Are we trying to turn them 
into friends? Are we trying to cut cost and time 
out of our interactions with lovers? Simply saying, 
“Let’s do some B2B!” may not be sufficient to 
describe such objectives. This taxonomy’s addi- 


into a company’s real B2B goals. 

A clearer understanding of B2B classes should 
also help vendors better understand the needs of 
their corporate customers. When they talk about 
“enabling B2B relationships,” do they mean ad 
hoc dealings with acquaintances? Or more bond- 
ed relationships? Can vendors such as online 
marketplace developers really accommodate all 
three classes of B2B commerce? Or are they usu- 
ally most appropriate for one particular class? 

Most companies will have relationships and re- 
quirements that span the entire AFL spectrum. 
But to keep the scope of B2B projects under con- 
trol, maintain alignment with business objectives 
and ensure the use of appropriate technology, IT 
organizations should develop a clearer under- 
standing of B2B subspecies. I like AFL because 
the terms are immediately understood across 
multiple corporate cultures. You may choose to 
use a different model to draw your distinctions. 

Whatever model you may ultimately decide 
upon, the key is to make sure that your technolo- 
gy implementations are relationship-appropriate. 
After all, you don’t ask people to take blood tests 





tional granularity provides much better insight 


ia ae 


' Resource-Hungry 


FTER READING 

the article “Old 

Ireland Tries New 
Hooks” [Business, April 
23], | was wondering if 
you could suggest re- 
sources for IT placement 


| companies in Ireland and 


for immigration issues. 


Raju Kalidindi 


Fingerhut Cos 

Minnetonka, Minn 

Editor’s note: You’ll find a 
link to Computerworld 
resources regarding H-1B 
visas and immigration 
issues, as well as links to 


| several Web sites offering 


information on employ- 
ment in Ireland, at www. 
computerworld.com 
letters. 


WAS GLAD to see the 

article on how com- 

panies are retaining 
IT folks. When I man- 
aged a systems develop- 
ment group of program- 
mers and analysts at a 
public university, our pay 
scales weren’t very com- 
petitive with industry. 
Our client base was 
mostly stable, so we had 
to create variety. One 
tactic I used was to ro- 
tate responsibilities once 
a year, so that the most 
senior person supporting 


a client/office/project 
would move to another 
project as second in 
charge. The second in 
charge would move up to 
first in charge for that of- 
fice, etc. Before we start- 
ed doing this, some peo- 
ple had been on the same 
project or supporting the 
same office for many 
years. Their skills were 
getting stale, and their 
career paths were limit- 
ed because of the prac- 
tice of keeping knowl- 

| edgeable people where 
they had the most expe- 
rience. The newer folks 
were getting the new 

| projects, and our experi- 
enced people felt a bit 
trapped. Using the rota- 
tion method, everyone 
was forced to learn new 
skills, train the person 
coming in behind him 
and keep his documenta- 
tion up to snuff. We had 

| much greater coverage 

| after a couple of years 
because more people 
knew more about more 
projects, and the staff re- 

| ally liked it once they un- 
derstood the way it 
worked and how much it 
benefited them and the 

| organization. 

| Barbara Taylor 

| Management consultant 
Silverado, Calif. 


just because they want to be your friends. D 


. 
Getting Extreme 

| HEN consider- 

ing the eco- 
nomics of ex- 

treme programming 
[“Programming Gets Ex- 
treme,” Page One, April 
9], it’s important not to 
ignore the hidden costs 
of traditional methodolo- 
gies. We used XP in a 15- 
month project that, at its 
peak, involved two eight- 
member development 
teams. We found that 
programming productiv- 
ity, overall, increased. 
We were able to assimi- 
late new technologies 
and integrate new devel- 
opers more quickly, min- 
imize the impact of em- 
ployee departures, better 
deal with requirements 
changes and improve 
predictability. In the 
short term, two pro- 
grammers don’t code 
twice as fast as one, but 
our experience shows 
that in the longer term, 
the increased levels of 
correctness and fitness 
for purpose that come 
from using XP result in 
less costly rework, faster 
time to market and lower 
overall cost to market. At 
the scale of the whole 
project, two program- 
mers who follow XP dis- 


cipline and program as a 
pair are more productive 
than two who follow a 
traditional document- 
centric methodology. 
Alan Ewald 

Southboro, Mass 


RECALL A PAIR pro- 

gramming experi- 

ment in the late 1970s 
that achieved a 172% pro- 
ductivity gain and an er- 
ror rate that was 0.1% of 
the normal rate, despite 
the additional program- 
mer expense. But the 
concept was rejected be- 
cause senior program- 
mers would quit. This re- 
sponse is consistent with 
the results described by 
Lee Copeland Gladwin 
for U.S. organizations. 
Randall Jensen 
President/consultant 
Software Engineering In 
Brigham City, Utah 
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JOHN 


How Will the 
Economy Affect 
IT Spending? 


AVE YOU NOTICED that there’s a 
recession going on? 
Actually, there is no recession 
— at least technically. After all, the gross 
domestic product is still growing. For a 
recession, you must have two straight 
negative quarters. 
Last year, the U.S. economy grew more than 
5%. But last week, the International Monetary 
Fund predicted that U.S. 
growth would reach only 
1.2% this year. That's 


GANTZ 


enough swing to create an 
emotional recession. 
What does this mean 
for IT spending? 
According to my col- 
leagues in the Global IT 
Economic Outlook re- 
JOHN GANTZ is a senior 
vice president at !DC in 
Framingham, Mass. Con- 


tact him at jgantz@idc.com. 


search program at IDC, 

it means a lot or a little, 
depending on what kind 
of spending you're talking 
about. Their analysis is based, in part, on what 
happened in the U.S. recession of 1991, the Euro- 
pean recession of 1993 and the Asian crises of 1998. 

It turns out that the economy is not the only 
persuader to IT spending. Major upgrade cycles 
(such as Windows 95), one-time events (Y2k, 
currency devaluations), deregulation and tech- 
nology advances (the Web, 3G phones), may 
influence spending. But an economic downturn 
does impact IT spending. 

The IT sector most tethered to the economy 
seems to be the PC market. This year, IDC ex- 
pects U.S. spending on PCs to drop by a double- 
digit percentage, in part, because of double-digit 
growth last year. Yet the market for Intel-based 
low-end servers should rise by about as much as 
PCs fall — but for different reasons, namely 
e-business rollouts. 

One the other hand, spending on IT services 
will plod along at about the same 10% to 11% that 
has been expected, although maintenance and 
support will be down and outsourcing will be up, 
balancing out each other. 

So, here’s the aggregate picture: If the U.S. 
economy doesn’t get any better than it is now, IT 
spending growth for this year will be around 5%, 
or half what it was last year. 

If you want to benchmark what’s happening in 
your company against the U.S. average, consider 
the following: 

@ Spending on e-commerce-related initiatives is 
still rising — by 25% this year, according to IDC’s 
recent eWorld 2001 study. This stuff is too impor- 


| be conducted over the In- 
| ternet in just a few years. 
| But we’re nearing the midpoint of 2001, and the 


tant to be stopped by a recession. The hardware 
to support these initiatives, such as servers and 
storage, remain in the purchasing queue. 

w Spending on long-term enterprise applications 
and projects is continuing, with particular em- 
phasis on customer relationship management, 
for which software sales are booming. These are 
often multiyear projects that will only cost more 
if they are delayed. 

@ Outsourcing is the high-growth area in IT 
services as companies try to cut fixed costs. 

@ General infrastructure improvement stuff such 
as new PCs, new workstations, WAN equipment 
and Windows 2000 will get delayed. After all, we 
got a lot of fresh equipment right before Y2k. 

@ Staffing dynamics, but not job openings, will 


| change. Expect fewer layoffs in the IT specialties 


than in, say, high-tech product management, but 
raises, signing bonuses and promotions may be 
curtailed or delayed. Companies will keep IT pro- 
fessionals rather than go through the agony of 
finding and hiring them when the economy turns 
around. 

So, good luck. If you’re new to the IT profes- 
sion, this downturn will be unsettling. If not, 
remember that this has been a high-growth pro- 
fession for 50 years, economic ups and downs 
notwithstanding. D 


In a Funk Over 


E-Commerce? 
Read ‘Bill’s Law’ 


F YOU’RE FEELING a little confused 

about e-commerce these days, it’s 

with good reason. After all, there’s a 
growing body of evidence that the e-busi- 
ness advice, messages and cocksure pre- 
dictions that have bom- 


| barded you for years need 
| some rethinking. 


Specifically, you and 
everyone else with a CXO 


| title in your organization 


have been told to make the 


| building and deployment 
| of the e-business infra- 
| structure an absolute pri- 


BILL LABERIS is a 
consultant in Hoiliston, 
Mass., and former 
editor in chief of 
Computerworld. Contact 
him at bill@laberis.com. 


ority ahead of everything 

else in anticipation of sup- 
porting the trillions of dol- 
lars of commerce that will 


clicks aren't clicking like experts forecasted. 

@ On the business-to-business front, the much- 
ballyhooed exchanges and Web-based market- 
places are desperately seeking customers. Even 
executives at major B2B software companies are 


COMPUTERWORLD May 7, 2001 


said to be seriously doubting the future of these 
exchanges. 

@ Further fueling these doubts is the halting 
adoption of XML, the lingua franca of the B2B 
world, as users cling to decades-old electronic 
data interchange (EDI). 

@ Computerworld reported that Gartner Inc. 
dropped its estimates for B2B commerce by 2004 
by a stunning $1.3 trillion, not exactly short money. 
g A Nielsen study found that online consumer 
shopping nose-dived earlier this year. But more 
revealing in the study is that consumers are in- 
creasingly using the Web to gather information to 
make purchases, albeit off-line. 

@ The click-through rates of Web advertising (the 
rate at which page viewers click on ads for more 
information) are pathetically low, averaging less 
than half of 1% in some categories. DoubleClick, 
the leading firm that handles online advertising 
for companies and a bellwether for the health of 
online advertising in general, is swimming in red 
ink as losses widen. 

It’s not an encouraging picture of the e-busi- 
ness world, is it? And if you’re among the thou- 
sands of IT managers in the midst of deploying an 
e-business infrastructure designed to support the 
organization in the coming years, you have to be a 
little worried. You were told, “Build it, and they 
will come.” Well, what if they don’t? 

First, some of the negativity expressed in these 
and other statistics reflect the current economic 
downturn, to some degree. But what we're seeing 
more than anything else is the manifold expres- 
sion of Bill’s Law (my rule), which states that 
nothing in the IT world happens as fast as the 
pundits, experts and analysts claim it will. Noth- 
ing. But eventually, it does. 

Bill’s Law exists because organizations are rich 
in legacy technology, legacy people and legacy 
thinking. There is perhaps no more critical lesson 
for you to help the executives in your organiza- 
tion learn than this law. 

Consider the failure of exchanges to take off as 
predicted. Despite the very obvious productivity 


| and efficiency advantages that XML offers, users 
| stick stubbornly to EDI even though there are 

| excellent EDI-to-XML translation packages on 

| the market. They do so because it’s comfortable 


for them, using the fact that there are too many 


| competing XML standards as an excuse. That’s 
| true, but not within specific vertical markets, 
| which is how exchanges are aligned. 


In the B2C world, only online travel services 
(mostly airline tickets) and auctions (mostly 


| eBay) have come close to living up to volume 
| expectations. I predict that people will never 


reverse purchasing habits that took a lifetime to 
develop. Instead, B2C will flower only when most 
buyers are from a generation that grew up with 
PCs from Day 1, which would be today’s 


| teenagers. The Nielsen data suggests that you 
need to make your sites more usable for gathering 
| product information rather than for product pur- 


chasing, at least for now. 
If nothing else, this is a very good time to work 


| with executives to recalibrate e-commerce expec- 
| tations and adjust IT strategies accordingly. D 





THE BOOK OF @ BUSINESS 


DATA STORAGE IS NO LONGER 
THE SILENT PARTNER. 


IT’S THE ONE SCREAMING FOR YOUR ATTENTION. 


fig. 1.1: Storage screaming for your attention (metaphor) 


DATA IS NOW DOUBLING every eight months. 
Which means your storage system is probably bursting 
at the seams. Raw storage capacity is not the answer. 
Comprehensive storage management is. 

IBM and its Business Partners offer a full range of 
storage solutions that are interoperable, based on open 
standards and designed to work across your entire 
IT infrastructure. 

IBM SANs are the foundation, grouping storage 
systems on a dedicated high-speed network. The new 
IBM TotalStorage” NAS 300G series cost-effectively 
integrates NAS and SAN solutions throughout your 


enterprise. Tivoli* storage management software can 


help you realize the full potential of your storage 
network. And IBM’s Enterprise Storage Server™ is one 
of the most powerful storage devices on the planet. 
Its latest enhancements virtually eliminate the need 
to shut down when restoring or backing up. 

IBM has already helped thousands of companies 
with everything from storage strategy to implementation. 
We can help you too. For starters, buy your next IBM 
storage product before July 20 and receive up to 10% 
cash back (that’s up to $100,000): Interested? For more 
on IBM products, services or great financing options, 
simply call 800 426 7777 (ask for Storage Solutions) or 


visit ibm.com/storage/totalsolutions8 


@ business infrastructure 
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Rebate program applies to purchases made from March 20, 2001 to July 20, 2001 and is limited to certain |BM storage products. For details on eligibilty requirements and applicable restrictions, visit the 1BM website listed above 
IBM, the e-business logo, IBM TotalStorage and Enterprise Storage Server are trademarks of International Business Machines Corporation. Tivoli is a registered trademark of Tivoii Systems Inc 











Your 
customers, suppliers, and partners all need to work together over 
the Web. You have to make it happen. If you use BizTalk Server 


2000, you actually can. Part of the Microsoft .NET Enterprise 


Server family, BizTalk Server 2000 brings together the tools and 


services you need to rapidly integrate applications that run within 


and across organizational boundaries. 


That’s because BizTalk Server 2000 has powerful visual tools 
that fully utilize XML, allowing you to quickly design, build, and 
orchestrate all your business processes. BizTalk Orchestration 
Designer makes it possible for business analysts and developers 
to collaborate with ease. You can also generate XML document 
schemas quickly and simply with BizTalk Editor, while BizTalk 
Mapper makes it easy to visually transform one business document 
into another via XML. BizTalk 
Server 2000 also maximizes 
the value of legacy systems 
by making it easier to convert 
XML data to and from various 


structured data formats. 


To learn more about how BizTalk Server 2000 can get all your 
business processes working in harmony over the Internet, visit 


microsoft.com/biztalk 
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HE IDEA behind “Mas- cure personal data on servers PSEC IS NOT just a subset ual datagrams. Upgrading to 
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IP-based Global Pay- Ken Flint rity,” Technology, April 16]. | puters to convert at once. Up- 
ment Network” [Computer- Smithtown, N.Y IPSec can be used with either graded systems will contain 


Is Your Company's IT Literature 
Lost on the Internet? 
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| both V4 and V6 and be capa- 


ble of communicating using 
either protocol. This doesn’t 


| mean that migrating to V6 is 


easy. The biggest inhibitors 


| are getting V6 into desktop 
| Operating systems and chang- 


ing the source code of applica- 


tions that operate across a net- 


work. This isn’t a small job. 


| Remember Y2k? 
Sidnie Feit 
| Chief scientist 
| The Standish Group International 


| Hamden, Conn 


"Have you seen this White Paper?” 


Author of TCP/IP (Signature Edition, 


McGraw-Hill) 


DVANCED security fea- 
tures will become the 
standard only when 


| they are easier to implement 
| than to ignore. There’s a grow- 


ing realization on both sides of 


| the fence that security is good 


as long as business needs are 


| met. After all, the most secure 


computer in the world is a lap- 


| top locked in a safe with the 


battery removed, the safe en- 


| cased in 12 feet of concrete, 
| and the entire thing sunk to the 


bottom of the ocean. This com- 


| puter isn’t useful for much of 
| anything, but boy, is it secure! 
| Gregory T. Smith 

| Dow Chemical 

| South Charleston, W.Va. 


If your company’s white paper is not in Computerworld IT Reports, it is “LOST” 
on the web. That’s because Computerworld IT Reports has the largest collection 
of the latest IT white papers, market research, and analyst reports! At your 
fingertips...in-depth IT research from over 50 analyst groups and over 2,000 high 
tech leaders such as Brokat Technologies, ClearCommerce, enamics, 
SeeBeyond Technologies, and XcelleNet. 


_ Breaking Into Reservations 


HE CHART accompany- 
ing the story “Airline 
| Site-Backed Study At- 


| tacks Reservation Fees” 
| [News, March 19] states, “The 


capital costs of creating a rival 
computer reservations system 


| present a nearly insurmount- 
| able barrier to entry for any 


You'll find all of your technology interests, including CRM, E-commerce, ASPs, 
Outsourcing, Linux, Network Security, Wireless, and more! 


| would-be competitors.” 
| Radixx is the first to replace a 


| legacy reservations system 
| (Amadeus) at an airline (Air 


Visit Computerworld IT Reports at: 
://itreports.computerworld.com/cwl 


Want to feature your white paper on Computerworld IT Reports? 
Send an email to cwl @computerworld.com, and we'll show you how! 
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| Iceland). Air Iceland President 


Jon Karl Olafsson indicated 
publicly that he’s saving in ex- 
cess of $1 million per year be- 
cause of the change. We were 
able to create the new system 
by leveraging state-of-the-art 
and commodity components 
and tools whenever possible. 


| Instead of using expensive 


proprietary communication 


| links, the airline’s reservation 


agents, stations and travel 
agents connect via inexpen- 
sive Internet connections. 
Ron Peri 

Chairman and CEO 

Radixx Solutions International Inc. 
Orlando 








Of all the IT projects in the U.S- 


or be challenged. 


Improve your odds 





| Attend the Project Leadership Conference 
| [tite erat) 

| Adam’s Mark Hotel - Dallas, Texas 

**You must mention discount code LDG395 to qualify. 

! FEATURING: 

| = Keynotes from the Industry’s Finest # Roundtable Discussion Groups 

= New Pre-Conference Workshops # The Top 5 IT Project 


« Expanded Conference Program Leadership Awards 


(over 40 sessions) # Unlimited Networking Opportunities 


The Project Leadership Conference (PLC) is the 


p R¢ ( 3 only independent, high-level summit dedicated to 
r the IT Executive and Senior IT Project Manager 
ae nae who work in a project based environment. Attend 


LFAD ERS H | p the PLC and learn the skills you need to ensure 


CONFERENCE your IT projects succeed. 


Leading the Way to Successful 


Project Management in the IT World SPONSORED BY: COMPUTERWORLD 
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own AN AT&T BUSINESS SOLUTION ; 


INTELLIGENT CONTENT DISTRIBUTION: When a holiday season onslaught took the FAO Schwarz 
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into action. Within 24 hours, this service moved pictures, copy and other critical content out to an 
expansive network of AT&T Business ICDS. servers. Where content could be closer to the customer 
and served up at lightning speed. This freed:-FAO Schwarz servers to focus on order processing and 
fulfillment. The divide and conquer approach reduced network bottlenecks and service denials, yet was 
totally transparent to FAO Schwarz customers. All they experienced ar hse semi awe 

With AT&T Business, you have valuable allies that are always ready when you need them. 
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DOT-COM DUDS 


The labor crunch is 
steadily easing as dot- | 


com refugees make their | 


way back to traditional 
firms. But IT managers | 
say many of the shining | 


stars of the e-commerce | 
boom aren’t measuring 


ip tn Ge couporete | Rolling out a global enterprise resource planning system pre- 
he sents companies with plenty of technical challenges. But pro- 
THnAA HAIFA | viding executives outside the U.S. with the technical 
HIPAA CHECKUP | a and cultural training they need to make it work 


g 


IT departments in f 





health care organiza- F , posesa whole separate set 


jf 


tions are preparing for 4 of problems 


next year’s debut of a 1 / ; 
new federal law that : for companies 
will affect electronic 

transactions and tighten m to address. 
privacy and security of | . 


medical records. But 
the tough part is yet to 
come.» 44 


ALIGNING IT 
AND BUSINESS 


As technology moves 
from the back office to 
the forefront of e-busi- 
ness, the alignment of 
business and technology 
is becoming more cru- 
cial. A professor at the 
Stevens Institute of Tech- 
nology has developed a 
methodology companies 
can use to assess the ma- | 
turity of their business/ 
IT alignment. » 46 


BALANCING ACT 


IT consulting can pro- 
vide a healthy work/life 
balance, but it can also 
mean painfully long 
hours and extensive 
travel. Find out how two 
consultants approach 
their work. » 49 
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Dot-com Bust a Mixed Bag for IT Staffing 


BY LEE COPELAND GLADWIN 

Traditional companies are hav- 
ing an easier time filling long- 
empty IT staffing positions as 





former dot-com employees re- 
turn to the corporate fold. But 
corporate IT managers report 
that not all of those returning 


t tw 


At the Las Vegas } 


Motor Speedway. 


nens 


b 


are the cream of the crop. 
“We figured people coming 


from dot-coms would be top- 


| with the latest and greatest,” 


said Bryant Fong, MIS manager 
at Advanced Research Labora- 


| tories, ashampoo and personal 


end and that we'd be working | 


a 
Win Some Real Power 
at rhic.com/WIN. 600 hor 


ses worth, to be exact. 


care products manufacturer in 


| Costa Mesa, Calif. “When we 


interview them, their mentali- 


ed, fea 


Technology Professionals 
rhic.com/win * 800.255.1292 


Suite 200, Menlo Park, CA 94025 
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ty is, ‘I can learn as I go.’ But we 
have rules and procedures that 
we have to follow.” 

Others the free- 
wheeling nature of young tech- 
nology workers who got their 
start in Internet companies, 
many of which were known for 


also cite 


| nontraditional office environ- 


ments and _ work habits. 
Though willing to go the extra 
mile, these developers aren’t 
accustomed to following struc- 
tured methods for software de- 
velopment. 

“There’s a lot of innovation 
among some of the dot-com- 
mers,” said Jim Hughes, CIO of 
Cleveland-based National City 
Corp., a bank with $92 billion 
in assets. “But there’s also a 
kind of hacker mentality.” 

Hughes manages an IT staff 
of 1,300 and has hired a dozen 
or so workers from closed dot- 
coms in recent months. 

“We’ve had to make sure that 
these people can deliver the 
kind of stability and code that 


| they perhaps didn’t before,” he 


explained. “We're transferring 


| large sums of money, and it has 
| to be right.” 


| The Right Stuff 


Internet-related job cuts in 
April totaled 17,500 — an in- 


| crease of more than 80% from 


March, according to a study re- 
leased last month by Chicago- 


| based outplacement firm Chal- 


lenger, Gray & Christmas Inc. 
“We had a full-time recruiter 

working for IT last year,” said 

Ergin Uskup, CIO at United 


| Stationers Inc., an office sup- 





plies and equipment whole- 
saler in Des Plaines, III. “We’ve 
discontinued that service be- 


| cause the hiring process is less 


difficult.” 

Uskup said he’s also receiv- 
ing an influx of résumés from 
systems integration firms such 
as Chicago-based MarchFirst 
Inc., that conducted develop- 
ment work for dot-coms. But 
Uskup said he looks for the 


| right skills instead of dot-com 
| experience. 


Indeed, dot-com and Internet 


| integration experience doesn’t 


ensure a good cultural or skills 
match. 

Lorraine Balum, IT hiring 
manager at Allstate Insurance 
Co. in Northbrook, IIl., agreed 
with Uskup. 

“We've had more candidates 
contacting us, but they’re not 
necessarily the right fit, and 
some of the skills sets are not 
aligned to what we’re looking 
for,” she said. D 
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Banks St rt l : ' | ation in Washington. “There’s ; policies, Bartolomeo said. “But 
a 00 Ing A e | e nsurance | a growing trend for this type of | there’s no history yet. How do 
coverage,” he said, but added | you go about enforc these 
a small community bank with ank need for its online ser- | that the usefulness varies from | contracts? If somebody’s Web 
$250 million in assets could | vice? It depends on the bank, | bank to bank. site is defaced, how do you 
run $5,000 to $15,000 per year. said John Hall, a spokesman for First Union might be a good | prove what ’s wo t 
revenue streams, but those | How much insurance does a | the American Bankers Associ- | didate for one of those new | your compa 
streams can bring new risks. 
Insurance companies are final- 
ly beginning to look at the risks 


BY MARIA TROMBLY 
The recent online banking ex- 
plosion has offered banks new 


oo] 


| 
and offer coverage. 

Several insurance compa- 
nies have begun offering pack- | 
ages to banks that cover risks | 
specifically associated with | 
their online operations, ac- 
cording to Richard Roby, an 
insurance analyst at Needham, 
Mass.-based TowerGroup. | 

About 17% of U.S. house- | 
holds now use Internet bank- 
ing sites, according to Richard 
Bell, a banking analyst at Tow- 
erGroup. “That represents a | 
relatively important part of 
some institutions’ business,” | 
he said. “Protecting that busi- 
ness process makes sense.” 

Problems that can plague 
online banking sites include | 
denial-of-service attacks and | 
Web site defacements, said | 
Tom Bartolomeo, senior vice | 
president of information secu- 
rity at Charlotte, N.C.-based | 
First Union Corp. 

Other problems inclu 
transmitting viruses and pri 
cy violations, added Emily Q. | 
Freeman, practice leader for 
e-business risk solutions at 
New York-based insurance 
broker Marsh Inc., which be- | 
gan offering insurance prod- 
ucts for Web sites in late 1999, | 9 . re ae : p 5 
“Traditional insurance policies 7" The services and training to give you lots of confidence. 
may not really adequately cov- aay How Tol tm IE yy it is reli business. 
er the type of risks that are as- 
sociated with Internet technol- 
ogy,” she said. “The financial 


$ cs : PY 
ier : i 


traditional types of embezzle- 
ment or traditional types of 
computer fraud.” 

Each of these Internet-relat- 
ed banking risks has two parts: power of open source. How? 
the damage done to the bank it- 
self through the loss of business The power of our specialized Linux and embedded Engineering Services 
or damage to reputation, and 
the damage done to customers, 
or partners, explained Gina 
Juhnke, product manager at 
Mayfield Village, Ohio-based to RHCE™ certification 
Progressive Casualty Insurance 
Co. For instance, if a company Add our platform technologies and Red Hat Network and you have an 


Whether it's riding a bull or moving your IT infrastructure to the open source 
technologies, confidence can make people do some pretty amazing things. 
Red Hat expertise can give you the confidence you need to leverage the 


Our enterprise-class network infrastructure consulting 
Our rapid-response "developer-to-developer" tech support 
And, of course, industry-leading training, from Apache™ administration 


can't access its funds and loses end-to-end solution from the global leader in open source technology. 
a business opportunity, it may 
hold the bank responsible. 
Insurance prices depend on 
the size of the bank and the 
functionality of the Web site, 
said Juhnke. For example, addi- 
tional liability insurance for a 
fully transactional Web site at 


It's how we give you the confidence to do, well, just about anything. 








You’ll often find a picture of an tT td Uy model with 





msdn Subscription Services 
- 










[a] 
(L] Developer Tools 

[2 ¥isual Studio. HET Bet. 

B ¥isual Studio 6.0 Ent. & 

@ WET Framework SDK | 


a teil 2000 Tired of.ad fluff? Get essential developer pape Pdi m) es Ml siege 
Want to get priority access to over 1,000 continuously-updated product 
a BizTalk Server 2000 downloads, DVDs, or CDs with the latest tools, platform, and server 
a Exchange 2000 Server technologies? Get an MSDN Subscription, and start building your next 
W) Platform big thing. msdn.microsoft.com/ subscriptions 
Windows 2000 Server 








4 


F: | goatee here. You Pre Petters to think he’s a developer. 





© 2001 Microsoft Corporation. All nghts reserved. Microsoft, MSON, BizTalk. Windows, and Visual Studio are either registered trademarks or trademarks of Mv 





42 


Ui a Es 


The Blue Light Is Back Online 


Interviewee: Ghufran Ahmed 
vice president of engineering 
Company: BlueLight.com LLC, 
the Web site mart Corp 
(Although majority-owned 
by Troy, Mich.-based Kmart 
BiueLight.com 
company 
Main location: San Francisco 
above the wax museum on 
Fisherman's Wharf. “You can 
smell the seafood from Grotto’s 
across the street.” 
Tenure: Since January 
2000, “right after the 
company started in 
December 1999.” 
Number of IT em- 
ployees: 70 
Number of employees 
(end users): 200 
Recent IT initia- 
tives: Three site re 
launches in June, Octo 
ber and March 

“In June, it was 
the whole infrastruc 
ture and all the 
back-end systems 
for order fulfillment and 
e-commerce 

“In October, it was geared to 
the holiday season. And in 
March, we added more func 
tionality and products and 
changed the look and feel. We 
added the whole Blue Light 
Special area, where we have 
daily specials.” 
Did Kmart’s new advertis- 
ing campaign put any pres- 
sure on your relaunch 
deadline? “Definitely. Kmart is 
spending a lot on its ‘The Blue 
Light is back’ mantra, and part 
of that is advertising BlueLight 
com. So we had to make sure 
the relevant parts of the site 
were ready to go when the na- 
tional ad campaign launched in 
April.” 
What's your relationship 
with Kmart's IT depart- 
ment? “We don't share any 
systems with Kmart, although 
we do exchange information 
and are working on more inte- 
gration. For example, the Kmart 
in-store kiosks are running our 
BlueLight application.” 
Training: “We're allocating 
about 80 hours a year per 
employee.” 
Employee reviews: “We're 
just now putting in a formal an- 
nual review process, and we 
have a 90-day review for new 
employees.” 
Bonus programs: “There are 


is a separate 


What It’s Like 
To Work at... 


no IT-specific bonuses, but we 
get some spot bonuses, and 
everyone gets stock options.” 
Dress code: “It's pretty casual 
your typical San Francisco dot 
com environment, with a lot of 
creative people.” 
Workday: Standard hours are 
9 a.m. to 6 p.m. “We have flex 
time, and on some projects, we 
put in overtime. It was nonstop 
for 48 hours for the October 
launch and in March, there was 
a 24-hour stretch 
“It’s still pretty grueling 
We used to say, ‘Retail 
is detail,’ and e-tail is 
even more detail.” 
SY Must people carry 
beepers? Cell 
phones? “Yes. Every 
one has cell phones, 
and some have beep 
ers also. We can ac- 
cess our e-mail via 
our phones.” 
Free refresh- 
ments: “Calistoga 
[sparkling water] 
sodas, a lot of chocolate, Dori- 
tos, Chex Mix. And it's Califor- 
nia, so there's an emphasis on 
healthy stuff.” 
Little perks: “We have negoti- 
ated parking rates with some of 
the garages in the area, and that 
makes life much easier in San 
Francisco, especially in Fisher- 
man’s Wharf. We get cell phone 
discounts and 10% employee 
discounts on the Web site and 
in any Kmart store, and we just 
added a laundry service 
“There are lots of toys 
around, like a motor-powered 
miniature Volkswagen. The 
[human resources] department 
has been good about making 
sure that it remains a good envi- 
ronment to work. It’s a very hip- 
hop place.” 
Last companywide/depart- 
ment perk: “A barbecue on 
our balcony on a sunny after- 
noon to celebrate our relaunch.” 
The last word: “For us, the 
dot-com culture isn’t dead. We 
are a much bigger company 
than when we started, and of 
course, budgets have tightened. 
“We are being a lot smarter 
about spending money. Last 
year, [the attitude] was, ‘Get up 
and running and spend the 
money.’ This year, we're more 
focused on profitability and 
cost-effectiveness.” 
- Leslie Jaye Goff 
(lgoff@ix.netcom.com) 
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A. STRASSMANN 


Deal Gone Bad? 


OR YEARS, J.P. Morgan was the most intensive private-sec- 
tor user of IT. It was spending more than $75,000 on IT 
per employee, or almost 40% of what it spent on salaries. 

Given that J.P. Morgan has that much computing power, I 
was surprised to hear that this venerable firm — the 


onetime lead banker of American industrializa- 
tion, the firm that saved the U.S. Treasury from 
default in 1895 — would cease being indepen- 
dent and would merge with Chase Manhattan. 
What really got my attention was the fact that 
much of Morgan's IT was outsourced beginning 
in 1996, whereas Chase’s culture values IT as a 
homegrown competitive advantage. 

How well has that outsourcing — a seven- 
year, $2.1 billion deal to a consortium led by 
Computer Sciences Corp. (CSC) — served Mor- 
gan? Let’s look at the ratio of operating expens- 
es to revenue. Operating expenses, reported as 
“noninterest costs,” include such costs as ad- 
ministrative overhead, IT expenditures, out- 
sourcing costs, consultants and depreciation. 

As the chart (below right) shows, there was 
an alarming growth in the ratio from 1990 to 
1994, Management became concerned and was 
looking to cut costs. Meanwhile, rapidly mount- 
ing IT costs reached the unprecedented level of 
more than 30% of operating expenses. 

So Morgan called in some big-name consul- 
tants, who told executives that their hodge- 
podge of unintegrated systems could be best 
tamed by outsourcing IT to a consortium of 
firms that would be expected to work together. 
In due course, a four-company alliance led by 
CSC landed the job. 

This landmark deal was heralded with public- 
ity comparable to what I have heard in every 
failed outsourcing situation where the real mo- 
tive was cutting costs: “The real impetus for the 
project is to help [Morgan] to retain its technol- 
ogy edge, to deliver better services to end users 
and to free up internal resources to build new 
applications.” 

Sure! 

What really happened will always be a matter 
of conjecture, but the operating expense-to-rev- 
enue ratio didn’t budge. Instead, two years later, 
it shot up to unprecedented levels. 

My calculations show that even though Mor- 
gan’s IT per-capita costs were astronomical by 
any standard, there was no way to restore the 
critical financial ratio to its prior levels by 
merely outsourcing one-third of the IT budget. 
Confusing the matter further, the only pub- 
lished claim of savings by the outsourcers was a 
$28 million cut in IT costs in the contract’s first 
year, only 0.6% of operating expenses. 

The much-hoped-for infusion of advanced 
technologies from the outsourcing consortium 





didn’t materialize, evidenced by the fact that 
Morgan proceeded to hand over to the Bank of 
New York its investment management account- 
ing systems for Europe, which was a core com- 
petency application. 

Integration didn’t happen, either. For exam- 
ple, IT and telecommunications operations are 
run by the U.S. outsourcers, but not in Japan, 
where J.P. Morgan has partnered with IBM. 

I don’t know how Morgan’s IT operations 
will fare after merging with Chase. My tracking 
of Chase’s performance shows that it has been 
able to achieve reductions in the operating- 
expense-to-revenue ratio, which is likely the 
direction it will take to justify some of the price 
it paid for Morgan. 

There’s no rationale for a major bank to out- 
source much of its IT except in unique situa- 
tions. There are no economies of scale when 
you deal with an IT budget of more than $3 bil- 
lion, the consolidated IT budget of the bank 
subsequent to the merger. Instead, there’s only 
organizational confusion when accountability 
and simple command-and-control structures 
are easily compromised. DB 


Strassmann (paul@strassmann.com) has always fol- 
lowed the principle of outsourcing risky innovations 
and keeping tight control over ongoing operations. 


The J.P. Morgan Story 


J.P. Morgan’s operating expenses as a percentage of 
revenue soared in the early 1990s, then rose again 
in 1999, three years after the company outsourced 
its IT operations. 
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Our gigabit IP-over-fiber network lets you choose the bandwidth that’s just right for your business. 
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With up to | Gbps in | Mbps increments, you get the power you need, right when you need it. 
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Gettin 


HE IT STAFI 


Medical Center understands the serious 


at Loma Linda University 
consequences of reading patients’ medical 
records without authorization and other- 
wise violating patients’ privacy. In anticipa- 
tion of the medical privacy regulations that will be 
enforced by the Health Information Portability and 
Accountability Act (HIPAA), Loma Linda is operating 
under strict new privacy rules, says Alvin Siagian, the 
enter’s information security administrator. Some 
IT staffers at the Loma Linda, Calif.-based hospital 
have been fired for bypassing audit trails or looking 
up their friends’ and families’ records, he says. 

‘We have to teach our IT staff to keep their curios- 
ity in check,” 
In the face of an October 2002 compliance dead- 
— standardizing data for 

- IT leaders at 
health care organizations have been managing many 
changes in their departments. They have implement- 
ed new policies, like Loma Linda’s strict privacy 
rules, and learned early lessons about best practices, 


Slagian says. 
line for HIPAA'’s first phase 
mats for electronic transactions 


such as when to involve IT personnel on HIPAA 
projects and how to cost-effectively implement 
HIPAA compliance projects. 

Industry officials say that so far, HIPAA projects 
haven't been a large burden on IT departments, and 
their efforts are paying off with the beginnings of a 
privacy-focused cultural change within their compa- 
nies. Officials are also confident that IT and the rest 
of their organizations will be ready when next year’s 
deadline arrives for implementing standards and for- 
mats for electronic transactions. But their toughest 
challenge — giving patients access to their records 


Anewlaw governing 
the privacy, security 
and electronic 
transmission of 
health care data is 
rippling through the 
industry, and IT is 
playing a key rolein 
the changes. By Amy 
Helen Johnson 


— is yet to come, according to industry analysts. 
After health care organizations finish their Phase 1 
work, they face an April 2003 deadline for imple- 

menting privacy and security provisions, although 
Health and Human Services Secretary Tommy 
Thompson says the rules will be modified before the 
deadline. Provisions governing security have yet to 
be finalized. | 
| 
| 


Matt Duncan, a research director for health care at 
Gartner Inc. in Stamford, Conn., says organizations 
that have yet to conduct Phase | risk assessments and 
hold employee education and awareness sessions 


risk missing next year’s deadline. For the most part, 
he says, the health care industry needs to put more 
effort into its compliance projects. A Gartner survey 
of 225 health care organizations that was conducted 
in February revealed that 65% have general HIPAA 
education programs in place and 50% have begun 
risk assessments. Gartner suggests that organizations 
should be nearly done with their general awareness 
campaigns, most of the way through the assessment 
phase and already working on their return-on- 
investment analyses. 

Yet IT leaders say they’re on track for the first 
phase and they’re proceeding cautiously on the 
privacy and security work until the federal regula- 
tions are firm. “We don’t want to overreact,” says 
Don Livsey, CIO at Children’s Hospital Oakland in 
| Oakland, Calif. 

As for the data formats, Livsey says that two years 
is enough time to do the work and that he’s comfort- 
| able with the progress his department has made. 
“We're right where we need to be,” he says. The hos- 
pital has been examining the regulations for a year, 
analyzing what it needs to do. 

Right now, Livsey says, staffing isn’t a big burden. 
But next year, he’ll have to commit funds for the nec- 
essary personnel and technology to bring the hospi- 
tal into compliance. “We’ll hit the ground running 
hard in 2002,” he says. 

Livsey says he hasn’t completed his cost estimates 
for HIPAA compliance, but he expects them to be 
less than $10 million. Duncan says that’s in line with 
data from Gartner’s survey, in which only 27% of 
respondents had estimated their compliance costs, 
with an average of more than $7.5 million. But, he 
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says, that number is far from firm and the average 
cost could prove to be more than double that amount. 

Larger organizations will face higher costs because 
they have more work to do. For instance, Oakland- 
based Kaiser Permanente Health Plan Inc., a 101,400- 
employee nonprofit health maintenance organization 
with 8.2 million members, owns 35 hospitals and med- 
ical centers and 423 medical offices across the coun- 
try that it must bring into compliance with HIPAA. 
Mary Henderson, national director of Kaiser’s 
HIPAA program, has been directing a 50-person, full- 
time HIPAA team since March last year. 

Henderson says most of Kaiser’s 4,000 IT person- 
nel aren’t involved in HIPAA-related work because 
the new law doesn’t yet affect them. Her strategy 
is to engage site-based IT personnel in compliance 
efforts when their participation is needed, such as 
when the systems they work on must be modified. So 
far, local IT personnel with responsibility for claims, 
membership and billing systems have gotten in- 
volved in Kaiser’s first-phase compliance efforts. 

At Group Health Cooperative, an HMO in Seattle, 
planned upgrades to legacy systems play a large part 
in determining the HIPAA implementation schedule, 
says Gary R. Gray, Group Health’s HIPAA project 
director. One strategy he’s found successful for low- 
ering costs, he says, is to piggyback the changes for 
HIPAA compliance onto an existing project. Group 
Health’s IT organization bundled Phase | require- 
ments onto an upgrade of the HMO’s registration 
system. A second project involving medical records 
will expand to include work that will meet HIPAA’s 
privacy and security rules, Gray adds. 

Although HIPAA has a strong technology compo- 
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DON LIVSEY 
Hospital Oakiand 

right where we 
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| nent, he says, IT organizations can’t rely on technol- 
| ogy as the only solution. “HIPAA is about developing 
a culture in your organization,” says Gray. And IT 

| leaders are helping develop that culture through 

| means ranging from holding seminars to rearranging 
| work spaces. 

| Gray says changing Group Health’s culture starts 

| with education. The HMO has a companywide HIPAA 
oversight committee, of which he is a member. The 

| first step was to teach departmental leaders about 
HIPAA’s rules and ramifications, he says. Now the 

| effort is moving down to departmental personnel 

| through lunchtime brown-bag presentations. “We're 
trying to get as many audiences as we can,” Gray 
says. “The audience is never too 
small and never too large.” 

Abbis Kafi, chief technology offi- 
cer at Dallas-based Claimsnet.com 
Inc., a claims-processing clearing- 
house, says his department has made 
so many changes throughout the 
company that everyone is aware of 
HIPAA. He’s mandated that everyone use a screen 
| saver with a 15-minute timeout so that any poten- 
| tially private information isn’t left on display when 
people are away from their desks. Not every employ- 
ee has access to confidential information, but he’s 
not taking any chances, Kafi says. He’s even gone so 
far as to reposition employees’ desktop computers so 
visitors can’t see the screens. 

Although such changes have placed an extra bur- 
den on Kafi’s staff — someone had to go around to 
every workstation and install the screen-saver utility, 
for example — it has helped make his colleagues re- 
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MORE ON HIPAA 

> For a full text of the Health Insurance 
Portability and Accountability Act of 
1996, visit the U.S. Department of 
Health and Human Services Web site 


http://aspe.hhs.gov/admnsimp/ 


A HIPAA Primer 


Former President Clinton signed HIPAA into law on 

Aug. 21, 1996. The U.S. Department of Health and Human 
Services has led a process to detine the exact regulations 
that health care organizations must follow to comply with 
the new law. 

Organizations affected by HIPAA include health 
insurers, health care clearinghouses and health care 
providers. Business partners of these organizations that 
handle individually identifiable patient information must 
also comply with the law. 

HIPAA has the following major provisions. 


ELECTRONIC TRANSACTIONS 
The law establishes standard data content and formats 
for submitting electronic claims and other administrative 
processes. Compliance for most organizations is required 
by October 2002. 


PRIVACY 
Organizations must establish policies on who gets to see 
individually identifiable patient information and under 
what circumstances. HIPAA covers electronic and paper 
patient records and oral communication and gives pa- 
tients rights and control over their information. The regu- 
lations are complete, but the Bush administration has 
said it will modify some of them. Compliance is required 
by April 2003, but small self-administered health plans 
have an extra year. 


SECURITY 
The law requires organizations to define clear procedures 
to protect patients’ privacy, designate certain individuals 
to monitor privacy practices, and hear patients’ com- 
plaints. It also outlines penalties for misuse of patient 
information. These regulations aren't finalized. 
~- Amy Helen Johnson 


| alize that everyone at the company is responsible for 


compliance with HIPAA. “We're actually helping to 
improve company communication,” he says. 
Although IT leaders are putting time and re- 
sources into HIPAA today, Gartner’s Duncan says the 
largest headache will come in the future, when 
health care organizations implement the patients’ 
rights portion under the privacy phase. This section 


| gives patients the right to see their medical records 


and correct any mistakes in them. “It’s not just a 
technology challenge,” he says. “It’s a process chal- 
lenge.” IT leaders must not only figure out a secure 
way to allow access for individuals who aren’t em- 
ployees or regular users of their computer systems, 
but they must also implement a proc- 
ess that notes errors and then reviews 
and corrects them. 

Ultimately, says Duncan, HIPAA 
will be good for the health care indus- 
try. The law marks an opportunity to 
transform an organization’s business 
processes, he says, which will save 


| companies money and offer new opportunities for 
| delivering health care. 


IT leaders say they see the benefit of that transfor- 


| mation. Loma Linda’s Siagian says the industry needs 
| the efficiency and cost savings brought about by 


HIPAA. “Our modus has been to save patients, peri- 
od,” he says. “But if we continue doing that without 
actually helping our business side, someday we will 
have problems.” D 
Johnson is a Computerworld contributing writer 
in Seattle. 








Jerry Luftman 


BUSINESS AND technolo- 
gy have become increas 
ingly intertwined, the 
strategic alignment of the 
two has emerged as a ma- 

jor corporate issue. 

Not that this is a new subject. In fact, 

I relationship between 

1ess and information technology 
has been chronicled as far back as the 
1970s, when Harvard Business School 

Prof. Richard L. Nolan expounded his 


tages theory” of the business/TT 


lationship 

But the emergence of IT from the 
back room to the forefront of e-busi- 
ness brings the alignment issue under 
the spotlight like never before. And as 
the economy softens, the potential effi 
ciencies and competitive advantages 
afforded by technology become all the 
more crucial 

Now, Jerry Luftman, executive direc 
tor and distinguished service professor 
for the graduate in- 
formation systems 
programs at the 
Stevens Institute of 
Technology in Hobo 
ken, N.J., has added a 
new wrinkle: a 
methodology that 
enables companies to 
self-assess the matu 
rity of their busi- 
ness/IT strategic alignments. 

By referring to the characteristics of 
five maturity levels within each of six 
strategic categories (see chart), Luft 
man contends that companies can gen- 
erate numeric scores that reflect the 
maturity of their alignment. 

Luftman points to Bristol-Myers 
Squibb Co. as a firm that has enhanced 
its business/IT alignment in recent 
years. The New York-based pharma- 
ceutical giant has established an IT re- 
view board of IT and non-IT execu- 
tives to lead the strategy and planning 
processes, identify opportunities, de- 
fine priorities and track the progress of 
IT projects 

Luftman says his methodology was 
validated through studies of 25 Fortune 
500 companies during the spring and 
summer of last year. Now, thanks to 
new sponsorship by The Conference 
Board Inc. in New York and the Society 
for Information Management in Chica- 
go, Luftman is surveying hundreds of 
executives, primarily at Fortune 1,000 
companies, with the aim of assembling 
an ever-expanding repository of bench- 
marking information. 

“The participants need to be execu- 
tives both from the business and the IT 
organizations,” he says. “We look to 
have at at least six executives from 
each firm.” 

Will this be useful? Few will contra- 
dict Luftman’s insights. The question is | 
whether the assessment effort repre- _| 
sents the best use of a CIO's time. 


BUSINESS 


Measurin 
Alignmen 


An IT management professor has 
developed a new methodology to 
help companies assess the maturi- 
ty of their 'T/business alignments. 
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The Luftman Mode 


Jerry Luftman’s five levels of 
IT/business alignment: 


LEVEL 5: Optimized process 
Communications: Informal, pervasive 
Competency/value: Extended to external partners 
Governance: Integrated across organization, partners 
Partnership: |T and business co-adaptive 

Scope and architecture: Evolve with partners 
Skills: Education/careers/rewards across organization 


LEVEL 4: improved/managed process 


Communications: Bonding, unified 
Competency/value: Cost-effective; some partner value 
Governance: Relevant process across organization 
Partnership: IT enables, drives business strategy 
Scope and architecture: Integrated with partners 
Skills: Shared risk, rewards 


LEVEL 3: Established focused process 


Communications: Good understanding 
Competency/value: Some cost-effectiveness 
Governance: Relevant process across organization 
Partnership: Process driver; IT seen as asset 

Scope and architecture: Integrated across organization 
Skills: Emerging value service provider 


LEVEL 2: Committed process 

Communications: Limited understanding 

Competency/value: Functional cost efficiency 

Governance: Tactical at functional level, occasionally responsive 
Partnership: Process enabler; IT emerges as asset 

Scope and architecture: Transaction (e.g., decision-support system) 
Skills: Differ across functional organizations 


LEVEL 1: Initial/ad hoc process 
Communications: Business, IT lack understanding 
Competency/value: Some technical measurements 
Governance: No formal process 
Partnership: Contlict; IT a cost of doing business 

Scope and architecture: Traditional (e.g., accounting, e-mail) 
Skills: IT takes risk, gets little reward; technical training 


COMPUTERWORLD May 7, 2001 


Roy Nicolosi, CIO at the Insurance 
Services Organization (ISO) in New 
York, says he plans to use Luftman’s 
methodology to assess the ISO’s four 
separate business lines. 

“We hope to find good measure- 
ments to aid in the comparison of the 
business units with a balanced score- 
card,” Nicolosi says. A balanced score- 
card is a methodology that’s designed 
to track long-term strategic perfor 
mance by measuring progress against 
discrete business goals. 

Nicolosi also says Luftman’s 
methodology may come in handy 
when evaluating potential acquisitions. 
For example, the relative alignment of 
a potential acquisition with the 
prospective parent organization can 
aid in deciding whether to integrate 
the acquired company into the umbrel- 
la organization or to leave it as a stand- 
alone entity. 

But Chuck Emery, CIO at Horizon 
Blue Cross/Blue Shield of New Jersey 
in Newark, doubts whether Luftman’s 
numeric scoring allows for effective 
comparison. “The problem is whether 
metrics can be developed that can be 
used across different organizations,” 
says Emery, who’s mulling whether to 
try Luftman’s system. “The evaluations 
call for many qualitative judgments, so 
that the assessment is related to the 
subjectivity of the evaluator.” 

For Emery, the problem is finding 
metrics that travel well across organi- 
zational boundaries. “As long as I’m the 
one doing it, the measurement may be 
consistent,” he says. “But intergroup 
comparability becomes difficult.” 

In many respects, alignment boils 
down to the effectiveness of the inter- 
personal relationships between busi- 
ness and IT managers. Effective IT 
leaders, among other things, must be 
privy to senior management’s tactical 
and strategic plans, according to Luft- 
man. They must also be present when 
corporate strategies are discussed. 

“It’s all a question of whether you're 
invited to sit at the table or out near 
the kitchen,” says Nicolosi. 

“It’s not a bad methodology, as these 
things go,” says Bruce Blitch, CIO at 
Tessenderlo Kerley Inc., a Phoenix- 
based chemical company. “In fact, it’s 
probably closer to the mark than any- 
thing I’ve seen before.” Still, he advises 
CIOs not to put too much faith in tools 
alone. “Instead, learn the craft of mak- 
ing and maintaining relationships.” 

Blitch sees the art of persuasion as 
more important than numbers in his 
job. “Whatever we do as CIOs needs to 
make sense to the business,” he says. 
“But making sense comes down to 
contributing to a vision shared with 
your management peers.” D 


Buxbaum is a freelance writer in 
Elizabeth, N.J. Contact him at 
pab001@aol.com. 





an infinite amount of 
storage possibilities 

for those with a finite 
amount of capital. 


Get up to a $2850 rebate on these 
and other HP storage products! «4 


HP offers the broadest portfolio of innovative storage hardware 
and software for your always-on business needs. From entry- 
level 1U disk systems to high-end XP512 disk arrays, and 
from 8GB tape drives to 28TB tape libraries. To find out about 


qualifying products visit us at www.hp.com/go/storagerebates2 - 


or to learn more about our entire portfolio of storage products 


visit www.hp.com/go/storage 


*Mail-in rebates from $180 to $2850 available on select part numbers. One rebate per qualifying serial number. Available to either end-users 
or resellers for purchases made in the US or Canada. Mail-in rebate forms available online and must be postmarked by July 31, 2001 
Purchases must be completed by June 30, 2001. Void where prohibited. For more information visit www.hp.com/go/storagerebates? 
© 2001 Hewlett-Packard Company. All rights reserved 


hp surestore disk system 2100 
Rack optimized — packing 
up to 292GB into 1U of space 


hp surestore virtual array 7100 
High-availability disk array with enterprise 
manageability — at a low cost point 


aes 


eee 


o 


| = 
——— 


hp surestore tape autoloader 1/9 

Advanced features of a tape library 

at the price of an autoloader using 
DLT1, DLT and Ultrium drives 


hp surestore tape library family 
Automated backup scalable to 
6TB with high availability and 
remote management using DLT 
and Ultrium drives 


a 


invent 





BUSINESS(:\ 


EXEC ED 
ON FOREIGN SHORES 


IT workers on foreign 
assignment are usually 
too busy with the tasks at 
hand to worry about their 
continuing education. 
That’s why e-learning is 
becoming essential for 
them. By Kym Gilhool) 





FOR IT PROFESSIONALS on assignment around the 
world, the pursuit of executive education for career 
advancement is characterized by compromise and 
complexity. 

The task is likewise complicated for U.S.-based 
companies that need to deliver high-level education 


and training to their IT workers in offshore locations. 


What works in the U.S. doesn’t necessarily fly in 
Poland, Brazil or France. 

International Paper Co., which is rolling out SAP 
R/3 to manufacturing sites worldwide, can attest to 
that. The company is currently wrapping up a pilot 
in England to establish a European best-practices 
team. It will next roll out the enterprise resource 
planning technology to its operations in Poland and 
Russia, says Russell Giddings, manager of business 
process redesign at the Purchase, N.Y.-based manu- 
facturer. Giddings sends project management teams 
from the U.S. to these countries to implement R/3. 

When these top IT workers need additional SAP 
training abroad, they primarily turn to SAP AG’s 
Web-based programs. Much bigger challenges come 
with educating these workers on country-specific re- 
quirements so they can customize R/3 to each imple- 
mentation, according to Doug Turner, IT director at 
International Paper’s European operations. 

“Across Europe, reports that have to be generated 
for one country are completely different than the 
country next door,” says Turner. “To develop Euro- 
pean best practices, our American team of business/ 
IT people have to get educated on different regula- 
tions.” That means localized training on fiscal, pay- 
roll, tax and reporting requirements for each country 
in which International Paper has facilities. 

In addition to educating what it calls its business/ 
IT workers on high-level foreign business practices, 
International Paper increasingly requires these 
workers to attend executive meetings, such as the 
electronic summit that the company hosted in De- 
cember in Europe. That summit brought together se- 
nior business and IT professionals working in the 


area to educate them on the company’s plans for 


e-commerce. 

“It’s critical when establishing best practices for 
worldwide initiatives that we educate our business 
IT people on our business processes and strategy 
moving forward,” says Turner. 


| TIME IS MONEY 


Finding the time to complete any kind of training 
under an R/3 implementation schedule can be a tall 


| order. That’s the challenge for IT executives working 


abroad, regardless of the projects they’re managing. 
They’re typically overtaxed with the projects at 
hand, and continuing their education isn’t usually a 
high priority. 
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“There are real challenges for multinationals try- 
ing to deliver education globally,” says Rachel 
Cheeseman, president of the Information Technol- 
ogy Training Association in Austin, Texas. “On one 
hand, local programs don’t usually work because it’s 
not worth a provider’s time to customize its whole 
program to one person who might not speak the 
language.” 

In addition, “there’s no time to take courses be- 
cause most IT executives working abroad are already 
working far beyond what is the local norm, and when 
they’re not, they’re often connecting with the mother 
ship over the ocean to get updates,” she says. 

These realities are just some of the many reasons 
that e-learning is gaining ground, says David Von 


| Zurmuehlen, a director at Dallas-based Southern 


Methodist University’s School of Engineering, which 
helps numerous IT professionals earn master’s de- 


| grees using video- and Web-based media. 


“When IT professionals are working abroad, 
they’re focused on the task at hand. When they get to 


| breathe, they’re more focused on integrating family 


time,” says Von Zurmuehlen. “From the cultural 


| standpoint, they’re outsiders, and as a project lead, 


everyone is making demands of them, so it can be 
overwhelming to try to continue their education. 


The Internet has had a positive impact, because they 


can log on and purchase a short class or self-paced 
tutorial when they have time.” 


A BLEND WORKS BEST 


Global companies will increasingly offer so-called 


| blended programs (which supplement classroom 


training with distance learning, videoconferencing, 
videotape and other delivery methods) to meet the 
needs of IT professionals at home and abroad. 
That’s the approach taken by Lockheed-Martin 
Corp.’s Enterprise Information Systems (EIS) organi- 
zation in Orlando, which provides IT services to the 


| defense contractor’s 145,000 employees worldwide. 


/e’ll be leveraging as many different media as 
possible as we go forward,” says Dwight Weaver, 
EIS’s manager of international IT services. “We're in- 
corporating Web-based training, videoconferencing, 
PowerPoint presentations and classroom training.” 

Bethesda, Md.-based Lockheed’s foreign training 
challenges are exacerbated by U.S. export control 
laws. “As a government contractor, we’re very aware 
of our requirements to protect U.S. technical data in 
compliance with U.S. export laws,” says Weaver. “So, 
while we're developing capabilities for network- 
delivered training, what we're able to share isn’t hin- 


| dered so much by technology but by data protection 


compliance. Data protection technology will allow us 
to share data across boundaries.” D 


Gilhooly is a freelance writer in Falmouth, Maine. 


Electronic-Learning Revenues 


Electronic learning is becoming a key component of corp- 
orate education and training initiatives at global companies, 
according to analyst Michael Brennan at Ransegion. 
Mass.-based IDC. Revenues in distance learning are 
expected to nearly double this year from last year, he says. 
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'T consultants can easily become consumed by 
long hours and frequent travel. Meet two consul- 
tants who chose this lifestyle for the time it affords 
them with their families. By Leslie Jaye Goff 
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OHN GOODHUI 
six-figure income, takes 
eight weeks of vacation 


each year and devotes | 
time to his local Oracle | 


users group. 
Doug Sjoquist alternates in- 
work periods with 
lighter stretches, home-schools 


tense 


his four children and is build- | 
ing his dream home in the | 
| his “boss” at Database Group, 


country. 

Both IT consultants exem- 
plify how independent consult- 
ing can empower IT profes- 
strike a 
work/life balance that’s diffi- 
cult to achieve as a full-time 
employee. But even among IT 


sionals to 


consultants, Goodhue and Sjo- | 
| base Group. His paycheck is al- | 


quist are exceptions to the rule. 


John Goodhue 


Oracle database administrator 
Maple Grove, Minn. 

Like many IT consultants, 
Goodhue set out on his own 
because he wanted more time 
and money. During the past 
three years, he has carved out 
an atypical consulting work- 


style that gives him the best of | 


two worlds: the freedom of an 
independent consultant and 
the comforts of an employee. 


As a W2 employee at consul- 
tancy services firm Database | 


Group Inc. in Dallas, Goodhue 
gets full insurance benefits and 
participates in a retirement 


plan that allows him to save as | 


much as $24,000 annually. He 


Question of Balance 


earns a | 


unique | 


doesn’t have to fret about pay- 
ing estimated quarterly taxes 
or whether clients will pay his 
invoices. 

“I work, and two weeks later, 


I get paid,” he says. “Typically | 


in consulting, clients often 
don’t pay for months, if ever, 
but I don’t have to worry about 
that.” 


But Goodhue has never met 


and he’s not obligated to work 
for the agency’s clients. He se- 
cures his own gigs, sometimes 
working as a subcontractor 
through other agencies. On all 


of his assignments, he sets his | 
| own hours and gets his full 


hourly rate of $125 from Data- 


most double what he earned as 


| a full-time employee. 


He uses his extra freedom 
and income to plan a major trip 
once every two months. In the 


| past two years, Goodhue has 


taken his wife and two children, 


| ages 12 and 14, to Paris, London, 


New York, Orlando, Las Vegas, 


| Washington, New England, Ice- 
land and Scotland. “I would | 
never have had the time or the | 


money for that kind of travel if I 
had a regular job,” he says. 

“It’s so much easier to take 
time off when I’m not being 
paid for it,” Goodhue says. It’s a 
a statement that might seem 
ironic, given that the nature of 
consulting is that time equals 
money. 


In response to an informal poll of consultants at the IT commu- 
nity Web site of Louisville, Ky.-based TechRepublic Inc. that 
asked, “How successful are you at balancing your personal life 
and professional life?” IT consultants revealed the following: 


7O% say they have canceled or cut short a vacation because of work. 
55% say their balance is “somewhat successful; some weeks | work too 


much.” 


25% say their time is “equally balanced.” 
20% say they rarely find time for themselves. 


(Note: Multiple responses allowed.) 





bie PPM 


“It’s easy for consultants to 
get into the mind-set of, ‘Oh, if 


I were working, I'd be making | 


$100 an hour,” he says. But he 
refuses to look at it that way. 
“That would drive you crazy 
every minute,” Goodhue says. 
“I like my time off, and it’s hard 
for a client to object because 
I’m not taking paid time off.” 
Goodhue says he gives his 
clients three to four weeks’ ad- 
vance notice of his trips, and 


| they have never complained. 


In between trips, he works six- 
to 14-hour days, as needed. 


as deadline-driven as 
types of IT projects, it’s easier 
to set his own schedule, he 
says. 


“In a consulting niche that’s | 
more project-oriented — like 
developing a new order entry | 
| system with a specific project | 


plan and deadlines and defi- 


nite start and end dates — it | 
would be much harder to do | 
| what I do,” he explains. 
Prior to consulting, Good- | 


hue was a database administra- 
tor on the order entry system 


at Fingerhut Cos. in Minneton- | 


ka, Minn. He had to work a 
scheduled maintenance shift 
every weekend, from midnight 
Saturday to 6 am. Sunday. 
Every third week, he was on 
call. That left him very little 
time with his family. 


“My relationship with my | 


kids has changed since I start- 


ed consulting,” he says. “Trips | 


are a good way to enhance the 


| family experience. There’s al- 


ways some sort of problem 
that crops up when you're trav- 
eling, and we work through it 
as a family. We’re much closer 
than when I only had two 
weeks’ vacation a year.” 

The biggest challenge to his 
newfound freedom, Goodhue 
says, is the possibility that he 
may find himself with too 
much time on his hands. Al- 
though he’s had only one week 
of unanticipated bench time 








since 1998, there’s always the 
chance that he could have a dry 
spell. 

“I could be on a gig for 
months, but it might turn out 
to be only a week — that’s the 
chance you take,” he says. “So 
you have to have nerves of 
steel.” 


Doug Sjoquist 
Sole proprietor, enterprise Java 
developer 
Sunetos Inc., Xenia, Ohio 

Sjoquist started consulting 
in 1998 because he “didn’t want 


to end up with a compartmen- | 


talized life,” he says. “I want 


| to weave together my social, 
| spiritual, professional and fam- 
| ily lives — both for my benefit 
and so I can be of service to | 


others.” 

To that end, Sjoquist sched- 
ules projects in “clumps,” he 
says. He alternates concentrat- 
ed work periods of several 


consecutive months with a 


less-demanding month of half- | 


days. The schedule effectively 


serves his clients and sets a | 
well-rounded example for his 

| on the road. For example, de- 
“My children see ‘work’ as 


four children, ages 8 to 13. 


well as other things about me,” 
Sjoquist explains. He works 


from home three days per | 
week and frequently opts to | 


program in the mornings and 


evenings so he can spend after- | 


noons with his family. When 


| “MY RELATIONSHIP with my kids has changed since | started consult- 
| ing,” says John Goodhue, whose schedule allows frequent vacations. 

Since Goodhue’s work isn’t | 
other | 


Sjoquist is in half-time mode, 
the family travels, or he tackles 
personal projects like wiring 
his new home. If friends or 
family need a helping a hand, 
he adjusts his schedule to pitch 
in wherever he’s needed. 

His workstyle isn’t without 
its challenges, Sjoquist notes. 
He frequently works out of 
town, and last summer he was 
on the road for six weeks be- 
tween May and September. “It 
was a lot more travel than I 
would have agreed to if I had 
thought through the contract,” 
Sjoquist says. Even though his 
children are home-schooled, 
it’s not always possible for his 
family to join him. 

As an employee, Sjoquist 
says he frequently worked 
overtime. “I didn’t mind some 
of that, but sometimes I felt 
like it was overboard. I wanted 
to get paid for all the hours I 
worked.” 

Moreover, as a developer, 
Sjoquist says he finds it diffi- 
cult to take full vacations with- 
out his laptop in tow, but he 
manages to mix work and play 


pending on his deadlines dur- 
ing a trip, “We may stay a few 


| days longer in a spot, and I'll 


spend half of the time working, 
the other half playing.” D 

Goff is a freelance writer in 

New York. 
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Inventory [urns 


BY JAIKUMAR VIJAYAN 
HINK OF inventory 
turns as a measure 
of how well a 

company’s prod 
ucts are doing in 

the market and how well its 
inventory is managed 

The term basically captures 
the number of times per year 
businesses such as retailers 
and manufacturers are able to 
sell off or use up their com- 
plete inventory of raw materi- 
als or finished goods. 

The more often a company is 
able to turn over its inventory, 
the better. The reason is sim- 
ple: Businesses like to convert 
merchandise and materials in- 
to cash as quickly as possible. 

In addition, holding on to in- 
ventory costs a lot of money, 
both in terms of the capital tied 
up in unsold products and in 
the expenses associated with 
warehousing them. 

So, the quicker a company is 
able to push its inventory out 
the door, the higher the return 
on its 
and the better its cash flow. 

“Anytime you have products 
sitting in inventory it means 
your are pro- 
ducing cash flow,” says Andy 
Chatha, an analyst at ARC Ad- 
visory Group Inc., a manufac- 
turing consultant in Dedham, 


inventory investment 


resources not 


Mass. “Ideally, you want zero | 


inventory” if you want to maxi- 
mize cash flow, he adds. 


Do the Math 


Inventory turns are calculat- 
ed by dividing annual sales by 


the average value of the inven- | 
tory. For example, if a company | 
had sales of $100,000 last year | 
and the average retail value of | 
its inventory over the past year | 
was $50,000, then the number | 


of inventory turns equals two. 


In other words, the manufac- | 


turer replaced 
every six months, on average. 

But if the manufacturer were 
to increase its turn rates to 10, 
those same sales would be gen- 
erated by just $10,000 worth of 
inventory. 

This would generate a lot 
more cash'to invest in other as- 
pects of the business, such as 


its inventory | 


| 


| 
| 


DEFINITION 


Inventory turns are a measure of how quickly a company 
replenishes its entire stock of materials or merchandise 
annually. The more turnovers there are, the less time 
inventory sits idle, which helps improve cash flow. 


the option to buy “new equip- 
ment, build a new sales organi- 
zation or to give stockholders a 
bigger payback,” says David 
Monroe, an analyst at Plant- 
Wide Research Group, a North 
Billerica, Mass.-based manu- 
facturing consultant. “It’s al- 
most like having a free loan, 
except you never have to pay it 
pack.” 

The average number of in- 
ventory turns varies greatly by 
industry and by companies 
within industry segments. For 
instance, the ratio is particular- 
ly critical in industries that 
pricing and 
low 


face significant 
competitive pressures, 
margins and fast obsolescence 
rates, Chatha says. 

These include companies in 


eee mete lee 
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the automobile, consumer 
electronics and computer in- 
dustries plus retailers of all 
types, say analysts. Companies 
in these sectors all have high 
inventory turnover rates be- 
cause the cost of holding on to 
goods in 
fast-evolving areas can be un- 
acceptably high. 

Some firms, like Dell Com- 
puter Corp. — considered by 
many experts to be one of the 
leaders in inventory manage- 
ment — have turnover rates 
that range from 30 to 40 times 
per year. 

Companies stand to benefit 
from improving inventory 
turns, even with relatively low- 
volume or slow-moving prod- 


hypercompetitive, 


ucts, because of the same cost 


factors that drive companies 
with fast-moving 
says Monroe. 

“In fact, the only industries 
where it doesn’t always help is 
i and 


need to 


products, 


in aerospace defense,” 
where the maintain 
inventories of parts for longer 
periods of time is part of the 
business model 
slower obsolescence 
says Monroe. 


Getting Better All the Time 


A study published in De- 
cember 1999 by the manage- 
ment firm Pittiglio Rabin Todd 
& McGrath in Waltham, Mass., 
found that U.S. companies 
have dramatically improved 
their inventory turns during 
the past few years. 


rates, 


because of 





U.S. inventory turns rose by 
more than 12% from 1994 
through 1998 to an average of 
5.4 annual turns, according to 
the report. During the same 
period, the average cash-to- 
cycle time — the number of 
days between paying for raw 
materials and getting paid for 
the product — improved by 
10% to 100 days, the report 
stated. 

Driving much of those in- 
ventory turns was the need to 
address falling margins and 
slowing annual growth, the re- 
port said. In addition, many big 
U.S. companies have also in- 
vested millions of dollars over 
the past several years to auto- 
mate their inventory manage- 
ment processes using sophisti- 
cated supply chain manage- 
ment tools. 

The continuing move away 
from traditional build-to-fore- 
cast manufacturing models to 
more flexible models such as 
build-to-demand, build-to-or- 
der and flow manufacturing 
are also changing the way com- 
panies look at inventories, says 
Monroe. 

The increasing emphasis on 
a fully integrated supply chain 
means that inventories barely 
spend any time sitting unused. 

“I've seen some practition- 
ers of flow manufacturing who 
move inventory so quickly that 
they utilize materials, ship 
products and bill customers 
before their suppliers even bill 
them,” Monroe says. 

Companies are also becom- 
ing increasingly aware of the 
need to improve inventory 
management and to move to- 
ward build-to-demand models 
at a time when the overall 
economy is_ slowing, 
Chatha. 

Many high-tech companies, 
including giants such as Cisco 
Systems Inc. and Murray Hill, 
NJ.-based Lucent Technolo- 
gies Inc., recently got stuck 
with excess inventories when 
the economy slowed more 
abruptly than they had antici- 
pated, reflecting how even 
well-managed _ build-to-fore- 
cast models can sometimes 
cause problems. D 


says 





@ Are there business terms you would like to learn about in QuickStudy? Please send your ideas to quickstudy@computerworld.com. 
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If what you have in mind is unlimited scalability with continuous access to data, then Brocade has 
your solution. It’s called a Storage Area Network (SAN). The enormous growth of business information along with 
the need for anytime, anywhere data access requires a new approach to data storage. A networked approach. A 
Brocade-based SAN enables your company to seamlessly add storage on demand to meet your ever growing data 


storage needs. Brocade SAN infrastructure solutions are available from leading system OEMs and integrators worldwide. 







Improve your data availability with Storage Area Networks. 
Find out how in our new white paper by visiting: www.brocade.com/avail 
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Be Wary of Annual 
Revenue Commitment 


CUSTOMER RECENTLY NEGOTIATED an agreement that called 
for an annual revenue commitment to the supplier. It’s quite 
common for a supplier to exchange pricing concessions for this 
type of guarantee from a customer. But what happens if the cus- 
tomer fails to do thé guaranteed amount of business with the supplier? In 
their excitement over getting a great discount, customers often overlook 
this point. Before agreeing to an annual revenue commitment, you must 
answer these three questions: 


@ Do we have the ability to 
meet the revenue commit- 
ment? 

gw What’s the likelihood that 
we will actually achieve the 
commitment? 

@ What if we fail to meet the 
revenue commitment? 

Ignoring these issues can re- 
sult in a costly problem such 
as — at the minimum — hav- 
ing to make up the revenue 
shortfall to your vendor. This 
alone could wipe out the great 
discount you got on the front 
end of the deal. 

In verifying your compa- 
ny’s ability to meet its annual 
revenue commitment, survey 
the end user of the product 
you're about to buy. The end 
user should share the respon- 


sibility for the commitment 
you're about to make. Review 
usage history with the end 
user so you can determine 
with a high degree of certain- 


Regardless of 
the best plans, 
estimates and 
negotiations, 
the world 
changes. 


CRE RT 


Thomas Warga was recently named 
chief privacy officer at New York 
Life Insurance Co. In this newly 
created position, Warga will imple- 
ment the New York-based compa- 
ny’s revised privacy policy to meet 
federal and state laws. In addition, 
he will manage New York Life’s 
audit and compliance activities, 

as well as its office of business 
conduct. 


Sunnyvale, Calif.-based Western 
Multiplex Corp. recently named Rita 
Khayat-Toubia ClO. Khayat-Toubia 
will be responsible for IT project 
management, application develop- 
ment, infrastructure management, 
organizational development and 
process re-engineering. She for- 
merly served as director of global 
information systems at Hoechst 
Marion Roussel AG, a German phar- 


maceutical company. Western Mul- 


| tiplex is a wireless network equip- 
| ment vendor. 


| GE Supply, a business unit of Gen- 


eral Electric Co., recently selected 


| Scott Telesz as general manager of 
| supply chain management. Telesz 
| has served in various roles at GE 


Supply. As e-business leader, he 


| played a key role in building the 


team that later launched Gesupply.- 
com. Most recently, Telesz served 
as e-productivity leader. GE Supply, 
an international distributor of elec- 
trical, voice and data equipment, is 
based in Shelton, Conn. 


| Corp. recently appointed Jeffrey 


Parker CIO. In his new role, Parker 


| is expected to implement company- 
| wide e-business capabilities that will 





ty what the optimum order 


| level should be. 
Regardless of the best plans, 


estimates and negotiations, 
the world changes. The best 
protection against a changing 
world is the “significant busi- 


| ness change” clause. If this 


clause is drafted correctly, it 
will protect you if your com- 
pany’s revenue or profit falls. 
On the other hand, if business 
booms, you can secure dis- 


counts for purchasing more of 


the vendor’s products. 
This clause should specifi- 
cally allow you to reduce the 


| level of your annual revenue 

| commitment to a vendor with- 
| out having to pay any adjust- 

| ment fees. Here is the “down- 
| turn” portion of such a clause: 


improve internal and customer infor- 
mation management among its facil- 


ities in Asia, Europe and U.S. Prior 


| to joining SensArray, Parker man- 

| aged his own systems integration 

| business. SensArray is a provider of 
| thermal measurement systems for 

| semiconductor fabrication. 


Houston-based Air Liquide America 


| Corp. recently named Steve Bellis 
| vice president of IT at its U.S. and 


Canada division. Bellis worked for 


| 10 years at Freeport-McMoRan 


Copper & Gold in New Orleans, 


| where he was most recently CIO. A 
| global provider of industrial and 

| medical gases and services, Air 

| Liquide America is a subsidiary 

| of Paris-based L’Air Liquide SA. 


| First Commonwealth Financial 
Corp. recently named Sue McMurdy 


CIO. in addition to filling this role, 


| McMurdy is president and CEO of 


Commonwealth Systems Corp., the 
data processing subsidiary of First 


If the customer is unable to 
fulfill its obligations for the 
annual revenue commitment 
due to a downturn in business, 
customer and vendor shall ne- 

| gotiate, in good faith, appro- 
| priate and commercially rea- 
sonable changes to this con- 
tract. In any event, the cus- 
tomer shall not be liable for 
any fees, charges 
| or penalties due to 
a change in the 
customer’s annual 
revenue or profits. 
This clause ef- 
| fectively hedges 
| the downside and 
| eliminates a nasty 
| contract “gotcha.” 


| Mail Bag 


Ted Vahan, a 
vice president at 
| systems integrator 
Covansys in Char- 
lotte, N.C., sent 
me this note: 
I found your ar- 
ticle in Computer- 
world about pro- 
tecting your trade 
secrets interesting [Business 
| Advice, April 9]. As a consul- 
| tant, it is a topic I have debated 
| with clients and colleagues in 
| the past. 
While I understand the need 

| for protecting intellectual 
| property, many clients want it 
| both ways — you have to have 

the experience coming in the 
| door, but they want you to 


| Commonwealth, a $4.4 billion fi- 
nancial services company in Indi- 


| Janet M. McCoy chief privacy offi- 

| cer. In this role, McCoy will develop 

| and implement the bank’s customer 

| privacy policies and oversee the 
integration of privacy initiatives 

| throughout the organization. Previ- 
ously, McCoy was manager of Sov- 

| ereign’s advertising, business and 

| consumer marketing groups. She is 

| also a founding member of the As- 

| sociation of Corporate Privacy Offi- 

| cers. Sovereign Bank is the primary 

| subsidiary of Sovereign Bancorp 

| Inc. in Philadelphia. 


leski as CIO. He is expected to be 
instrumental in expanding the com- 
pany’s IT infrastructure. Prior to his 
appointment, Piteleski served as 

| CIO for six years at H.B. Fuller Co. 

| in St. Paul, Minn. Metris, a direct 


JOE AUER is president of 
International Computer 
Negotiations Inc. 
(www.dobetterdeals.com), 
a Winter Park, Fla., 
consultancy that edu- 
cates users on high-tech 
procurement. ICN spon- 
sors CAUCUS: The Asso- 
ciation of High Tech 
Acquisition Professionals. 
Contact him at 
joea@dobetterdeals.com. 
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| leave it behind when you're 

| done! Let’s face it — you al- 

| ways stand the best chance of 
winning an engagement if you 
can demonstrate that you have 
done the same thing before. In 

fact, that’s very often the de- 

| ciding factor in awarding en- 

| gagements. 

All that being said, I think 
your article makes 
a lot of sense. How- 
ever, you should 
point out that most 
consultants want 
to get repeat busi- 
ness with existing 
clients as well as 
add new clients, 
and the best way to 
approach such sit- 
uations is to work 
it out with your 
consultant to set 
appropriate re- 
strictions that both 
parties can live 
with. 

Thank you, Ted, 
for the note. I feel 
strongly that we 
should strive for 
appropriate rights 
| and obligations that both par- 
| ties can live with. 

You're also right on when 

| you say that clients want con- 

| sultants to have related expe- 

| rience coming in the door but 

| that clients should, of course, 
be very leery of a consultant 

| they suspect might use an- 

| other client’s intellectual 

| property. D 


| marketer of consumer credit prod- 
ucts and services, is based in Min- 
netonka, Minn. 


Spirit Airlines has chosen David M. 
Anderson as its new CIO. Anderson 
previously served as CIO at Certified 
Vacations Group Inc. in Fort Laud- 
erdale, Fla., and as vice president of 
technology at GoCruiseDirect.com 
in Miami Lakes, Fla. Spirit Airlines, 
| the largest privately held airline in 
| the U.S., is based in Miramar, Fla. 
PSINet Inc. recently tapped Harry 
G. Hobbs, the company’s former 
chief operating officer, to take over 
as CEO. The Ashburn, Va.-based In- 
ternet services company also 
named Lawrence E. Hyatt chief re- 
structuring officer in addition to his 
| current roles as executive vice pres- 
ident and chief financial officer. lan 
Sharp was named chairman of the 
board of directors. He replaces 
William L. Schrader, who had been 
| chairman and CEO. 
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vertical industries. 
When you attend 
this unique confer- 
ence, you'll hear 
proven examples 
of how these IT 
Tee Cawe lye 
advanced their 

ey acecbenyacleleyens 
iaebaeleraombeneeOnelenie 


_ CONFERENCE CHAIR 


Maryfran Johnson 
Editor-in-Chief 
eieiiaa vee ce 


12:00 - 5:00pm 

GOLF TOURNAMENT FOR 
PRE-REGISTERED ATTENDEES 
7:00 - 8:30pm 
PRE-CONFERENCE EVENING 
NETWORKING RECEPTION 


oq rage 
é O31, 87:4 ; 4 
dh drhedeidl Miche diet litinenl 
7:00am - 8:00am 
BUFFET BREAKFAST 
8:00am 
WELCOME & 
OPENING 
REMARKS 
4, Alan Guibord, CEO, 
Computerworld 
Maryfran Johnson, 
Editor-in-Chief, 
Computerworld 


8:15am 


OPENING KEYNOTE: 

‘ S@@ GOING DIGITAL THE 
OLD-FASHIONED WAY: 
GM’S LEVEL-HEADED 
APPROACH TO E-BUSINESS 
Ralph Szygenda, CIO, 
General Motors 


93:00am 


PANEL |: 

IT’S MISSION IMPOSSIBLE: 
GLOBALIZATION AND E-BUSINESS 
Panel Moderator: Sarwar Kashmiri, 
CEO, EbizChronicles.com 


Ready or not, the Web is making the global- 
ization of business a reality. But pursuing a 
global strategy means more for IT than creat- 
ing a worldwide network infrastructure, set- 
ting up foreign distribution or hiring IT tal- 
ent abroad. So how does an IT Leader go 
about getting a grip on strategy to support 
the enterprise’s global business objectives? 
Our panel will share its collective interna- 
tional experience to send you off with a host 
of good ideas along with an aciion-item list. 


10:00am 
BREAK 


10:15am 


OLD RULES, NEW GAME: 
« @ BUILDING PRUDENTIAL’S 
GLOBAL E-STRATEGY 
7 Irene Dec, 
VP International Investments, 
Prudential Insurance 


WESTIN MISSION HILLS RESORT 


71333 Dinah Shore Drive 
Rancho Mirage, California 92270 


pe 


all meals and networking 


11:00am 


PANEL 2: 
THE NEXT WAVE OF 
E-COMMERCE: CONNECTING 
YOUR CUSTOMER CHANNELS 
Panel moderator: Kevin Fogarty, 
Business & Technology Editor, 
Computerworld 
The customer economy has arrived with a 
vengeance, trailing massive numbers of Cus- 
tomer Relationship Management (CRM) sys- 
tems in its wake. But integrating disparate 
CRM applications and re-architecting work- 
flow to get that mythical 360-degree view of 
the customer remains a major hurdle for IT. 
Are you tying all of your customer channels 
together — in realtime — to leverage existing 
investments in front-office and legacy appli- 
cations? This panel will bring together di- 
verse industry views on a topic that ultimate- 
ly affects every company’s bottom line. 
12:00pm 
INTERACTIVE LUNCH: 
RECRUITING & RETAINING 
TOP TALENT 
1:30pm 
E AFTERNOON KEYNOTE: 
SURVIVING THE 
REVOLUTION AND 
THRIVING IN THE 
CUSTOMER ECONOMY 
Patricia Seybold, CEO, 
Patricia Seybold Group 
and Author of 
“Customers.com” and 
“The Customer Revolution” 


2:15pm 

PANEL 3: 

WIRELESS WARRIORS AND THE 
CHALLENGE OF M-COMMERCE 
Panel moderator: Bob Brewin, 
Senior Editor, Wireless Technology, 
Computerworld 


Few technologies hold as much promise — or 
pose as many perils — as wireless networks 
and mobile computing. What are the best 
practices in deploying mobile commerce ap- 
plications that resolve security concerns and 
location-service controversies? Which appli- 
cations make the most sense for wireless 
LANs? How do you choose an architecture 
that works well for your user base? How sol- 
id is the Wireless Application Protocol 
(WAP) standard for unifying handheld de- 
vices and wireless networks? Our panelists 
will examine these core questions through 
the lens of their own experience, coming up 
with some practical recommendations for 
the next wave of wireless warriors. 


3:00pm 
BREAK 


Register today for Computerworld’s 
Premier 100 IT Leaders Conference 


vz F : 
include entrance to Computerworld’s Premier 100 IT Leaders Conference, 
receptions. 


3:10pm 
CLOSING KEYNOTE: 
THE ABILITY TO RISK 
INNOVATIONS 
Chet Huber, President, OnStar 


3:55pm 
CLOSING REMARKS 


4:00pm - 5:30pm 
SPONSOR BREAKOUT SESSIONS 


5:30pm - 8:30pm 
COCKTAIL/NETWORKING 
RECEPTION 

EXPO & BUFFET DINNER 


BUFFET BREAKFAST 
8:00am 


OPENING REMARKS 
Alan Guibord & Maryfran Johnson 


8:15am 

OPENING KEYNOTE: 

IT LEADERSHIP IN A 

CHANGING ECONOMY 

: Doug Busch, CIO, Intel 

9:00am 
PANEL 4: 
THE HEAVY HAND OF UNCLE 
SAM IN ONLINE SECURITY AND 
PRIVACY PROTECTION 
Panel Moderator: Alan Paller, 
Research Director, SANS Institute 
Wherever technology touches its citizens 
these days, the U.S. government seems to be 
there with new regulations or proposed leg 
islation. The high-tech sector remains split 
about how to approach online privacy guar- 
antees in the U.S., while the European Union 
has already adopted tough data protection 
laws that multinational companies must fol- 
low. Our expert panel will talk about strate- 
gies for keeping a step ahead of Uncle Sam in 
this uncertain, potentially explosive, regula- 
tory environment. 


10:00am 
BREAK 


10:15am 
PRIVACY - IT’S NOT JUST 
A COMPLIANCE ISSUE 
Eddie Schwartz, 
VP of Strategy, Guardent 
(former Chief Security Officer, 
Nationwide) 


11:00am 

TOWN HALL MEETING 
“ASK THE CAREER EXPERTS” 
Maryfran Johnson 


12:00pm 
EXPO & BUFFET LUNCHEON 
1:30pm 
AFTERNOON 
KEYNOTE: THE 
BEST OF BOTH 
WORLDS: THE 
SYNERGY 
BETWEEN 
OPERATIONS 
AND IT 
Laura Olle and 
Marge Connelly, 
Co-CIOs, Capital 
One Financial 
2:15pm 
PANEL 5: 
THE NEW ROI: TRACKING 
TECHNOLOGY PAYBACK IN A 
TOUGH ECONOMY 
Panel Moderator: Julia King, 
Executive Editor, ComputerworldROI 
Now is the time to recession-proof your IT 
organization, generate some new ideas and 
find new revenue streams. How is your com- 
pany using the Internet to streamline 
processes within the organization and deal 
more effectively with your supply chain? Are 
you creating online relationships with part- 
ners and competitors alike? Where can you 
use IT to create new products and services? 
Getting focused on the real business oppor- 
tunities and the ROI behind technology ex- 
penditures is the mission of this panel 


3:15pm 
BREAK 
3:25pm 
CLOSING KEYNOTE: 
ESSENTIAL INGREDIENTS 
FOR B2B MARKETPLACE 
LIQUIDITY 
Harvey Seegers, 
President/CEO, 
GE Global eXchange Services 
3:55pm 
CLOSING REMARKS 
Alan Guibord & Maryfran Johnson 
4:00 - 5:30pm 
SPONSORED BREAKOUT SESSIONS 
7:00pm 
COCKTAIL RECEPTION, 
ENTERTAINMENT AND GALA 
AWARDS DINNER 
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CABLE & WIRELESS 
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could impfave your operatic 


a 


More hospitals around the world are running 
their “life-or-death” applications on Caché 
than on any other database system. 

With proven reliability like this, you should 
consider Caché for your critical applications. 


With its lightning speed and massive scalability, 
the performance of Caché makes it a perfect 
match for any enterprise, in any industry, with a 
requirement for fast transaction-processing 
applications capable of scaling to tens of 
thousands of users. 


Caché uniquely combines robust object and 
relational technologies, coupled to a multi- 
dimensional data engine. Plus, it includes a rapid 
Web application development environment. 


Caché is backed by 24x7 support from 
InterSystems — a leader in high performance 
databases for 23 years, with 4,000,000 users 
worldwide in healthcare, financial services and 
other industries. 


InterSystems » 


Ea CACHE 


Make Applications Faster 


Download Caché for free or request it on CD at www.interSystems.com 


* InterSystems’ database technology is used by Ameritrade, Hitachi, Johns Hopkins, Kennedy Space Center, 
Paine Webber, Pepsi Cola, Prudential Insurance Co., Shell, U.S. Army, World Bank and other successful enterprises. 


a registered trademark of InterSyster 
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TECHNOLOGY 


WIRELESS Foi 
ALTERNATIVE = 


Some businesses are us- 
ing fixed wireless ser- | 
vices successfully. Ana- 
lysts say there’s room to | 
use this technology as a 
cheap alternative to Dig- | 
ital Subscriber Lines 

and T1 lines for branch 
offices and small com- 
panies. » 56 


SECURITY 
JOURNAL 


When a user’s system 
exhibits bizarre behav- 
ior, security manager 
Mathias Thurman sus- 
pects a Trojan horse. 
But when the virus 
proves elusive, he plays 
it safe — and annoys the | 


system clean. » 58 


FUTURE WATCH 


MIT futurist Michael L. 


| 

Ji 

user — by wiping the | 
| 

| 


any “THE ABILITY to track orders online from 
Dertouzos says it’s time inception to delivery is a plus,” says Joe 
to leave the Industrial  BISMa aan omc me tet 
Revolution behind and __|: SAREeemy MES mer UM ee: | 
complete the Computer |: Mitwimuurmecesis 

Revolution. Making 

machines serve people, 

instead of the reverse, 


siege BUYING PCs FOR 
VIRUS THREAT THE ENTERPRISE 


Virus signature updates 
are the bane of a securi- 


sie daeiaiaead ana ocic NUMEROUS STUDIES HAVE SHOWN that the price of a new computer is only 
How do youkeepall | a small part of the total cost of ownership. Support, maintenance and 


those antivirus pro- 


grams updated across__| other intangibles contribute far more to the sum. Those who buy desk- 
aR ACL i top computers by the tens, hundreds or thousands have taken this 


There’s no easy way, 


ee on gia | lesson to heart. When they go shopping, their list of 
which leaves them 3 e 

scrambling and users _ | desired features has very little to do with hardware. 
vulnerable. » 66 
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TECHNOLOGY 


Fixed Wireless Provides 


Network Alternative 


Technology offers fast and cheap 
Internet access for branch office 


BY MATT HAMBLEN 

ANSAS CITY, Mo.- 
Air Char- 
Team, an 
char- 


based 

ter air 

passenger 

ter company for 

VIPs, relies on fixed wireless 

technology for fast access to 

the Internet to help in book- 

ing flights and downloading 
streaming media. 

Air of the 


many small and midsize com- 


Charter is one 


panies, branch offices of 
larger companies, that analysts 
said are picking fixed wireless 


or 


technology over slower dial-up 
and broadband 


Internet access methods. Fixed 


other faster 
wireless is usually less expen- 
sive and easier to provide than 
Tl, or 
they said 

rhe charter carrier operates 
out of the old Kansas City air- 
port near the center of the city, 
where cable modems and 
Digital Subscriber Line (DSL) 
aren't available, said 
company President Joseph W. 
Air Charter also want- 


ed a less expensive connection 


fractional, connections, 


service 
Tasler. 


Il or faster connection 


wanted greater speed than 
dial-up or Inte- 
Digital Net- 


56K_bit/sec 
Service 

work, 
Air ¢ 
regularly use high-speed Inter- 
net connections for quick 
arches among hundreds of 
anes and pilots for 


harter Team's 


agents 


ility as well as to 
cess streaming video to view 
*t models and interi- 


with 1.54K bit/sec., 
of bandwidth, about 
$1,700 per month in the Kansas 
City area, compared with the 
$299 per month that Air Char- 
ter Team pays for fixed wire- 
less, which provides more than 
600K bit/sec. 

The company contracts the 
service from Computer Train- 
ing Corp. (CTC) in Indepen- 
dence, Mo., one of the many 
small fixed wireless providers 


costs 


in the nation. CTC offers T]- 
equivalent speeds for $1,000 
per month. 

“I’m very impressed with 
their service so far, and my 
only hope is that CTC doesn’t 
oversubscribe and can’t give us 
good service,” Tasler said. 

CTC officials said they use a 
proprietary fixed 
technology that operates on 
802.llb wireless technology 
usually seen in LANs with only 
1,000 feet of wireless range. 

But Air Charter Team has a 
small custom antenna on 
roof that beams an amplified 


wireless 


its 


signal about 1.5 miles away to 
the rooftop of another CTC 
customer, which serves as a 
peer in the network, and that 
customer is then connected to 
a Tl line, CTC offi- 
cials said. 

Another CTC sub- 
scriber, Barber Fi- 
nancial Management 
Inc., also in Kansas 
City, uses fixed wire- 
less to provide Inter- 
net access and e-mail 
capabilities for sensi- 
tive customer data, 
said Kent Barber, 
president of the firm. 

“We've had no security con- 
cerns,” he said. 

Analysts said there are many 
varieties of fixed wireless, in- 


Researchers Struggle With 
Problems From Hiding Data 


Legal threats haunt 
experts on data 
tracking, secrecy 


BY PETER WAYNER 
Scientists attending the Fourth 
Information Hiding Workshop 
last month in Pittsburgh 
viewed demonstrations of how 
information from 
repressive regimes and how to 
build watermarks to track doc- 
uments, and they got a lesson in 
how to use vague threats of a 
academic 


to conceal 


lawsuit to muzzle 
discussion. 

The normally uncontrover- 
sial conference focused on ex- 
ploring ways to slip extra bits 
of information into unexpect- 
ed locations. The science of 
hiding information, often 
called steganography, is gain- 
ing attention because copy- 
right holders, especially those 
in the music industry, hope to 
use the hidden bits of informa- 
tion to tag and even corral digi- 
tal versions of songs, books, 
movies and other works of art. 

The tools for creating these 


“digital watermarks” were de- 
veloped by members of the Se 
cure Digital Music Initiative 
and released in a highly con- 
trolled contest that publicly 
challenged others to test their 
strength. 

But when a group of scholars 
from Princeton University, Rice 
University and Xerox Corp.’s 
Palo Alto Center 
(PARC) ways to 
circumvent those tools for em- 
bedding copyright information 
in songs and planned to pre- 
sent a detailed paper at the 
workshop, tensions surfaced. 
The Recording Industry Asso- 
ciation of America sent a letter 
encouraging the researchers to 
keep the information secret 
and noting that they could face 
legal action. 

The group withdrew the 
paper and issued a statement 
saying, “Litigation is costly, 
time-consuming and _ uncer- 
tain, regardless of the merits of 
the other side’s case.” 

The conference was devoted 
to describing new and en- 
hanced ways to hide or lock 
information. Another group 


Research 


discovered 


ese 


TASLER: Air Char- 
ter gets fractional 
T1 speeds from 
fixed wireless. 


cluding Local Multipoint Dis- 
tribution and Multi- 
channel Multipoint Distribu- 
tion Service, which operate in 
radio spectrum licensed by the 
Federal Communica- 
tions 
The biggest provid- 
ers of such systems 
are Sprint Corp. and 
WorldCom Inc., ana- 
lysts said. 

CTC is offering its 
service in the unli- 
censed spectrum, as 
are many other pro- 
viders, said Ronnie 
Galang, an analyst at 
Telechoice Inc. in Denver. 

The biggest drawback 
fixed wireless is its dependen- 
cy on a line-of-sight connec- 


Service 


Commission. 


from Xerox PARC demonstrat- 
ed tools for hiding information 
in the background of text doc- 
uments. One approach used 
small hash lines oriented in 
different directions to encode 
the 
the size and width of the char- 
acters. Both technologies let 
people embed digital signa- 
tures into text documents. 
Many researchers wrestled 
with the problem of how to 
create watermarks that could 
be controlled by encryption 
keys. Such a system would 
work like public-key encryp- 
tion (PKI) algorithms: Only 
one person could embed the 
watermark, but anyone could 


information; others used 


test its presence. This type of | 


tool would allow companies to 
embed watermarks that act as 


Watermarks 


creating digital watermarks: 
= TYPOGRAPHIC (hash 
marks, character coding) 


= ENCRYPTION KEYS 

- Similar to PKI technology 

- Based on neural networks 

- Based on zero-knowledge 
proofs 


of 
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tion from receivers and trans- 
mitters, which makes the sig- 
nal susceptible to fog and rain, 
said Galang and Matt Davis, an 
analyst at The Yankee Group in 
Boston. 

Galang said larger organiza- 
tion that are considering using 
fixed wireless might find it 
acceptable as a backup to an- 
other network. He recommend- 
ed that if a company uses fixed 
wireless access, it should be 
purchased with a backup net- 
work based on another tech- 
nology in case of outages or 
the demise of the 
provider. 

Tasler said his backup for 
fixed wireless is resorting to 
using phones without Internet 
access to make bookings, al- 
though he has never experi- 
enced a prolonged outage. 

A market report by San Jose- 
based Frost & Sullivan in 
March said fixed wireless ac- 
cess services in the U.S. earned 
about $840 million last year 
and are expected to surpass 
$28 billion by 2007.3 


service 


digital signatures in electronic 
documents. Another approach 
used neural networks as keys, 
and a third method was based 
on zero-knowledge _ proofs, 
which allow a user to verify 
that he has the 
without revealing it. 

Other techniques used pri- 
vate keys, so the information in 
the watermark could be recov- 
ered only if the key was known. 
These techniques are more 
useful for hiding information 
in a way that can’t be identi- 
fied. Some papers described 
sophisticated techniques that 
eluded detection by ensuring 
that the hidden information 
was statistically identical to 
the surrounding data, provid- 
ing camouflage. 

Englishman Toby Sharp de- 
scribed a tool he developed 
with an unnamed friend who 
was living in a country where 
the police regularly scruti- 
nized his e-mail. The tool, 
which hid information by mod- 
ifying the least significant bits 
of an image, allowed Sharp and 
his friend to express them- 
selves without fear of reprisals. 
Sharp and his friend couldn't 
use regular encryption to pro- 
tect his privacy because the 
police blocked the messages. D 


information 


Wayner is a freelance writer in 
Baltimore. 
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The Evolution of 


Hosting Services Across 
the Web 


Web content 


iterprises in 
| i. ] | 
ve Deen quick to remind 


service 1S crucial to 


now in 


partner 

est-of-breed suppliers; regu 
define, document and refine 
both proces K velop 


easy-to-understa netrics for cohe 


eements (SLAs) 


With outsourcing adoptic er juen he supplier 
on the rise, Aberdeen research ind iarketpl as become confusing 
cates that the host M X} x product portfolios fining Hosting Services 
services market will | ue positioning. To make mat The hosting services market is the 
be worth $70 billion vorse, hosting service providers management of Internet operations 
le product differenti It is the service backbone that facili 


providers of tion and marketing efforts have tates the delivery of mission-critical 


service 

ll genres hi U | lone little to illustrate a unique valuc applications. The three elements 

to offer hosting solutions as a means proposition or target market within the hosting services environ 
to improve customer loyalty and gain Meanwhile, only some providers ment are defined by Aberdeen as con 


healthy margins to counter the com have truly demonstrated the techni nectivity services, operational host 


moditization of basic Intern cal competency to adequately sup ing services and value-add managed 
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up the 


| operations of complex 
; . 
Web and application hosting. This 


f 


layer requires the availability of a 
transaction processing database and 
plays an essential role in e-commerce 
BD Managed services These value 
add services are the hottest offeri 
in today’s expanding hosting 
portfolio Olfering expertise in sys 
tems and service management, they 
liver some combination of complex 
network infrastructure configura 
tion and management, content distri 
bution, security, storage, support and 


applications management Managed 
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margin 
<< 
bui 
tomer 


profi 
prot 


2 
t market ei 


adoption and requir 


outsourcing 


nted 
ire gaining a better ut 


ing of how it directly re 


9s companies co 

what is important w 
sidetracked. Increasingly, companies 
ire no longer viewing the o} 
of their IT infrastructure as an i 
nal competency and are willing 
I 1 off some responsibilities 
those that do 

DIT skills shortage — “Good 
is hard to fin 
than with today’s IT personnel. O 
help is found, it is difficult and ex 


pensive to retain 
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is never been truer 


de risks, outsourcing 


iccommodate for planning mistakes 


Where once simple Web p 
ison for outsourced hosting, to 


lay e-business is the key driver 


Se Caer mem) 
Cans RAMI OEM ure] 
group. Comments can be sent to 
managing editor Stefanie McCann 
at stefanie_mccann@computer- 
Oem ee leg 
custom supplements, can be viewed 
online at www.computerworld.com. 
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re by the sur 


t availability 


Hosting Service Stack 


There are three layers to the hosting 
services environment: Value, operational 
and connectivity 


itiatin 
nitiative 


prises (SMEs) wi 


ational 
services 


community, t 
hain. | 
productivity suites 
gun to gain traction using the ASP 
model. But strict requirements re 


garding the ability of the physical in 
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1 supply 


ontinued partnering 


S. has been 
tion of technology to in 
ability of 
providers, there's a key y 
structure affecting data 
pacity just outside the data 
s that many customers 
forget 
Access to our most basic technologi 
cal resource — power — is an embar 
rassing issue [or data centers 
that either cannot access enough re 
dundant power, or do not have the 
technology or expertise to properly 
monitor and mat power. But as 
loud as the energy crisis is in some 


parts of the world right now, it is a 
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rastructu 

ludes the 

nnectivity, physical 
nate control 


ngle point « 
I 


errupts any 


Where the early Internet 

data centers failed was 

in blissfully concentrat- 
ing on the four walls 
within plus adequate 
Internet connectivity. 


quired facet of the service. Where the 
early Internet data centers failed wa 
in blissfully concentrating on the 
four walls within plus adequate In 


ternet connectivity. Sin 
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ure 


operations 
inhibited by external 
companies 
ditional 
ipacity to tl 
) ability 
Iditional sot 
und 
busine 
companies 


irket focus 


sroviders with the 
| ] 
less with other complex inira 


ture istomers. Data centers 


| | 
may share In some of the revenues 


I 


erated within their walls — simi 


practices cess 


arrow all the tecl wt any 
without understanding 
the entire business process from start 
1ish, somewhere, a customer gets 
left in the dark 
Process and automation 


re establishing 


infrastructure and 
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customers 


ynfi 1 in choocino 
ire contused in choosing 


the HSP that best fits their 


HSPs, like Exodus Communi 


ly, traditior 
AT&T and WorldCom 
1 ted customers with their 
I l CX rt Is C Cl | toia Ww intrastruc 
Backup and restore gained by docun re ces. ( uae 
processes are difficult is providers d Ine., have 
CN me, | ceomicumpttagn 
let alone many s and bchem in the marketplace 
customers, and are t n_ the The competitive landscape is be 
complex even with the oe : , Fae ye sa as 
most advanced i asp 


nter 


1 me! prise customers begin to make more 
software available. bel educated supplier choices. HSPs 


I must develop value propositions and 
vailabl liabl 


pricing schedules that will resonate 
Resource planning ma with specific market segments while 
spreadsheet instead of automating Competitive Landscape providing flawless service through 
asset Management and trend analys 


\ ) out the customer life cycle 
of res s. Large and small suppl lt hosting Next, Aberdeen profiles Cable & 
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i Suite 


le & Wir 


) state-of the-art data « 


d Internet Solution Centers 


services 
1 hs oie 
quick time 
customers 
( an rom a variety 
of pr fined hardwar d soft 


ire platforms plus service optior 


to meet their unique requirements 
Jatform options include Sun Solaris 
Microsoft Windows NT, Win 

1000 and Linux. Service options in 


clude hardware configuration, soft 


vare installation, monitoring, data 
ack-up, usage network 
design, load balan 
firewalls 

Cable & Wireless’ hosting solu 
tions target a cross section of entet 
prises and service providers located 
in the U.S., Germany, France, United 
Xingdom and Japan 

Amidst today’s economic slow 


down, customers entrusting the op 
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plicat 


vith an HSP that illustr 


LJ 
le & Wi 


domai 


1ame regis 


point into host 


line site development at 


nt tools. This service 


s a simple 

e provisioned 
solution with the ad\ 
monitoring, guarantee 

sack servers 

to customize additio 
ind technical support 

DB Manc 1 Host 
& Wireless assumes the res] 
ity for dedicated server equ 
1 lated management resour 
by offering customers a portfolio 
fully managed hosting solutions 
Based on their unique requireme 
customers choose from 
hardware and software options 

Cable & Wireless also provides 
site management monitori 
services. The mz ed hosting s« 
tion is offered with a fi: 
burstable bandwidth option on a us 
age-based billing model and servi 
level agreements covering inst 
tion, network access and server avai 


ability 
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» Cable 
ickbone. It is 
ding access 


WI 


ognized in European an 
urkets, Cable & Wireless 
ll positioned 
cater to the 

1 
a com 
petitive advantage in one-stop access 


1 global high-speed network. The 
ritude of its network reach 
ind strong global reputation should 
tain Cable & Wireless as a com 
petitor in the hosting service mark 
(I, 
Dana Tardelli and Lisa Perri are 
analysts with the Aberde 
Group. This White Paper in 
cludes excerpts from Aberdeen's 
Lb 


report Hosting Services: Outsourcing 


E- busines: 
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CABLE & WIRELESS 


Delivering the Internet promise™ 


You just need to get your business online 
fast — and without the hassle and expense 
of maintaining dedicated internal resources 
and equipment. Worrying about costly 
hardware, in-house staffing and training, 


system upgrades or 24-hour support need 


to be made a thing of the past 


Our hosting solutions give 


you peace of mind 


Let us do all the worrying for you. Our 
fully managed dedicated hosting solutions 
will give you the expertise you need to 


get your business online. And with access 


to our top ranked Internet network, 
providing scalability and security in our 
state-of-the-art global Internet Solutions 
Centers — you can focus on growing your 
business while we focus on your website 


We'll help you customize a solution built 


just right for your business 


Growing your business on the Internet 
with Cable & Wireless is easy. Just call us 
at 1-888-835-3070 or visit us on the 
Internet at: www.cw.com 

No matter how smail or large your 


business is, we have the solution 
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BY JULEKHA DASH 
Matrevic Data Systems Inc. in 
DeSoto, Texas, has launched < 
three-month trial of a wearable 
storage device that it claims 
will reduce medical errors by 
collecting patient information 
in a single location. 

The application development 
and systems integration firm 
plans to enlist more than 5,000 
patients, each of whom will 
wear an 8MB flash memory 
card from Sunnyvale, Calif.- 
based SanDisk Corp. that will 
store his medical records. 

The trial is expected to 
prove that doctors don’t have 
the information they need to 
properly treat patients unless 
they have this type of device, 
according to John Trahan, Ma- 
trevic’s vice president of part- 
ner development. 

Physicians using the device 
can quickly access a patient’s 
medical history, including cur- 
rent medications, conditions, 
insurance information and pri- 
or injuries, by plugging the 
memory card into a PC 
equipped with a flash memory 

ccording to Matrevic 

Several Dallas-based med- 
ical centers, along with about 
50 physicians, will participate 
in the trial. Trahan said his 
firm plans to encourage wide- 
spread adoption of the tech- 
nology by persuading health 
maintenance organizations to 
pay for the product. 

HMOs, policy-makers and 
corporations have pushed the 
health care industry to seek 
ways to reduce medical errors 
ever since a 1999 report from 
the Washington-based Insti- 
tute of Medicine revealed that 
as many as 98,000 people in 
the U.S. die annually from 
medical errors. 


Standards Lacking 

While the military and the 
Department of Veterans Af- 
fairs have adopted personal 
storage devices, the concept 
hasn’t gained momentum in 
the health care industry due to 
a lack of standards, said 
Rishel, an analyst at Gartner 
Inc. in Stamford, Conn. For a 
storage device “to have much 
impact, there has to be nation- 
al adoption of the specific 
technology and IT standards” 
for creating a portable health 
record, he said. 

But Trahan said that the 
technology to date has consist- 


TECHNOLOGY 


Wearable Storage Device Keeps Records With Patients 


ed of smart card devices, 


| which have a limited storage 
| capacity of 70 pages plus a few 
| images. The flash memory card 


used in the trials can store 
6,000 pages of text. 

While this storage device 
could be useful for patients 


who travel, it presents a host 
of its own problems, according 


| to Richard Telesca, an analyst 


at Cambridge-based Giga In- 


formation Group Inc 

“The issue with [storage de- 
vices] is keeping t of them 
and not losing them. Ar 
lose them, do you have a bigger 
issue with privacy than . 


d Telesca said. D 


1if you 
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TECHNOLOGY 


On the Trail of an 
Elusive ‘Trojan Horse 


Could a mysterious floating cursor on one 


engineer’s screen indicate a backdoor virus? 


BY MATHIAS THURMAN 
ST SAT DOWN with a fresh 


cup of coffee when an e-mail 
popped up on my screen with a 
subject line that read: “Engineer 
ing Oracle database has been 
hacked.” A staffer had sent the message 
to all of our operations management 
personnel, plus about seven other sys 
tem and database adminis- 

trators. My first thought 


was, “Oh, great we've 


been hacked, and now the 
whole company knows.” 

I made a mental note to 
tell the staff that in the fu- 
ture, if they suspect that a 
hacker has visited them, 
they shouldn’t announce it 
to the entire company. Be- 
cause of the way our en- 
vironment is configured, 
there’s a high likelihood 
that if there’s a hack, an in- 
ternal employee is respon- 
sible, rather than an inquis- 
itive college kid. 

So then I was concerned 
that the perpetrator might 
know that we were on to him and try to 
cover his tracks. The e-mail disclosed 
that the Oracle system passwords had 
been changed without authorization. I 
immediately attribute such 
hacker, but 
someone had started the ball rolling, 
and as the security manager, I had to 
run with it. 


would 


action to a nevertheless, 


Mysterious Moving Cursor 
In addition to news of the password 
situation, I had received information 
from an application engineer about a 
reported 
cursor 


who 
His 


moving by itself, opening the Start 


month earlier some 


weird behavior started 
nd browsing around the com- 
interaction. That bit 


of information concerned me then. 


menu 
puter without any 

Now everyone thought that someone 
had gained remote control of one of our 
engineers’ computers and had hacked 
into an Oracle database from the engi- 
neer’s desktop. 

Was it possible? Absolutely. Howev- 
er, it was highly unlikely that any per- 


Ss week's journal is written by a real s 


SECURITY 
MANAGERS. 
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son who might have gained remote 
control was from the outside. We use 


network address translation (NAT), 


which means that the IP addresses of 


our desktop computers are translated 
to another IP address before leaving 
our network. It’s a common practice 
IP address 
space internally. And it also provides 


that we use to conserve 


some additional security, if 


configured properly. 

As for that Oracle data 
base, I immediately took 
an image of the system, us- 
ing the Unix data dump 
utility to copy the entire 
file system to an external 
drive. I next had the ad- 
ministrator change all of 
the the 
system. 

Then I received a tele- 
phone call from the manag- 
er of engineering. He told 
that the 
change was a legitimate 
one made by one of the 


passwords on 


password 


Oracle administrators, who 
had forgotten to commun- 
icate it properly. 

Cool — that issue seemed to be re- 
solved. Next, I wanted to address the 
issue of the floating Windows NT 
mouse cursor. My fear was that a 
Trojan horse program was in the sys- 
tem and was allowing a third party to 
gain control. Although we use NAT 
for our internal desktops, there's al- 
ways a way to bypass security. So I was 
still worried. 

A Trojan horse is a bit different from 
a virus, in that it can be disguised as 
something legitimate and attached to, 
say, an e-mail message. A virus normal- 
ly affects one file but can have a devas- 
tating effect on the file system or oper- 
ating system. 

A Trojan horse is really a backdoor 
program that can let a hacker gain ad- 
ministrative access to an infected com- 
puter at a later date. If the hacker 
named the Trojan horse something 
clever like orgchart.ppt.exe, attached it 
to an e-mail and then spoofed the 
e-mail to make it appear to originate 
from, say, the CEO, most employees 


would be inclined to accept the attach 
ment and execute it. 

Notice the .exe extension. That’s a 
bad thing. Executable programs, when 
launched, are under the control of who- 
ever programmed the executable. The 
problem is that unless you train your 
employees properly, most won't know 
the difference between a legitimate at- 
tachment (such as PowerPoint slides) 
and an executable attachment (with ex- 
tensions like .exe, .vbs and .com) 

Che one rule I continue to communi- 
cate to the entire company is to not run 
any executable program unless it’s from 
a trusted source and the program can 
be verified as legitimate. We have a fil- 
tering program that’s supposed to do 
this automatically, but unfortunately, it 
wasn’t configured properly and .exe at- 
tachments are being allowed through 
the e-mail gateway. 


Security Checklist 


Getting back to the work at hand, I 
needed to determine whether the engi- 
neer’s desktop was infected with a Tro- 
jan horse program. Such programs are 
often configured to be virtually unde- 
tectable; even the best antivirus pro- 
grams can’t find them all. 

In dealing with this security hazard, I 
could have simply had this engineer's 
desktop hard drive completely wiped 
clean and the rebuilt. That’s 
probably the 


system 


most effective 
Trojan horse, but it’s also 


way to 
eradicate a 
very disruptive to the end user. I decid- 
ed to first have the engineer go through 
a checklist to determine if the comput- 
er had been infected. 

We use a checklist I downloaded 
from the CERT Coordination Center’s 
Web site, along with my own checklist 
compiled from many different sources. 
It’s important to have multiple mecha- 
nisms for intrusion detection, and it’s 
my job to ensure that effective tools 


are in place and ready to go so the staff 


won't have to scramble at the last 
minute. It took about 45 minutes for 
the engineer to go through the check- 
lists before reporting that there were 
no indications that his system had 
been compromised. 

I now had a dilemma. Should I trust 
that the checklist was comprehensive 
and that the engineer didn’t take short- 
cuts? If I just let it pass as some weird 
phenomenon and later found that 
someone had gained unauthorized ac- 


manager better solve security problems. Contact him at mthurman@hushmail.com or head to the Security Manager's Journal interactive forum. 
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THISWEEK’SGLOSSARY 


Trojan horse: A program hidden in a 
seemingly innocent executable file that, 
when launched, may destroy data, steal 
account information and allow a hacker 
to remotely contro! a system to launch 
attacks on other systems - all without 
the user's knowledge 


Back Orifice: Advertised as a remote 
administration tool, this client/server 
utility functions as a Trojan horse. The 
hacker e-mails the server portion as a 
file attachment and renames it to some- 
thing innocuous, such as orgchart.ppt. 
exe. When the recipient executes it, the 
server installs itself and automatically 
notifies the hacker, who can gain ac- 
cess to the remote computer. 


LINKS: 


www.symantec.com/avcenter/ 
warn/backorifice.html: For more 
information on Back Orifice and other 
Trojan horse viruses, see this link at 
Symantec Corp.'s Web site 


www.cert.org/tech_tips/win_ 
intruder_detection_checklist.html: 
How do you detect a Trojan horse pro- 
gram? The “Windows NT Intruder De- 
tection Checklist” at the Web site of the 
CERT Coordination Center at Carnegie 
Mellon University is a good start. 


www.cert.org/tech_tips/win- 
UNIX-system_compromise.html: 
Been hacked? CERT's “Steps for Re- 
covering from a Unix or NT System 
Compromise” is a well-written checklist 
that shows how to recover. 


cess, I would have some serious ex- 
plaining to do. I could have run 
through the checklist myself, but the 
computer in question was located in a 
remote office. 

Well, I can’t be everyone's friend, 
and I'd rather be safe than sorry. So I 
had the IT person at the remote office 
wipe the system clean and rebuild it. 
The engineer was quite mad at me, 
complaining to his manager about how 
this was going to affect his productivity, 
that he had wasted his time going 
through the checklist, that it was just 
some weird computer glitch and that he 
hadn’t downloaded an executable file 
or e-mail attachment. 

I guess you can’t be an effective secu- 
rity professional without gaining some 
resentment or being called a barrier to 
productivity (and other names I’m not 
and probably never will be privy to). 
But in this job, I suppose it’s all in a 
day’s work. D 


>urity manager, “Mathias Thurman,” whose name and employer have been disquised for obvious reasons. It’s posted weekly at www.computerworld.com to help you and our security 
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THEY’D HEARD THIS WORLD WAS OPEN... BUT THIS OPEN? 


DB2 ror LINU 


i THE MOST SCALABLE LINUX DATABASE ON THE PLANET i 


' IT’S A DIFFERENT KIND or WORLD. 
© business software ibm.com/db2/open YOU NEED A DIFFERENT KIND or SOFTWARE. 
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Complete the 
Revolution 


The Information Revolution won't fulfill its promise 
until we stop thinking as though we're still in the 
Industrial Revolution, according to Michael L. Der- 
touzos, director of MIT’s Laboratory for Computer 
Science. After 40 years of building computers, little 
has changed, says Dertouzos, the author of seven 
books, including his latest, The Unfinished Revolu- 
tion: Human-Centered Computers and What They 
Can Do for Us (HarperCollins, 2001). The future of 
computing lies in “making systems serve humans,” 
he says. “That must be our goal.” Computerworld 
writer Sami Lais interviewed Dertouzos about the 
future of computing 


You talk about human-centric computing, in which the 
computer isn’t a single device but a room where 
computing is around you and in the air. How is that 
different from pervasive computing? There is a lot 
of confusion between pervasive or ubiquitous 
computing on the one hand and human-centric 
computing on the other. They are not the same. 
Pervasive computing implies a lot of equipment, 
where the focus is on a lot of devices that are 
themselves computers. Human-centric comput- 
ing, however, focuses on the human. Today, 
computers are hard to use. If we make them 
more pervasive and use more of them, there will 
be that much more aggravation around us. By 
focusing on human-centered systems, we de- 
clare that our goal is to serve humans. Whether 
that calls for more or less stuff is secondary. 


In the future computing model you describe, interaction 
will be speech-activated. Why? Much of it will in- 
volve speech understanding, not just speech ac- 
tivation. Speech is natural for people, hence 
easy to use. That’s why human-centered sys- 
tems need to have speech. Remember, the fun- 
damental thing that will set human-centered 
systems apart is that the computers will serve 
you. They won’t care how you communicate — 
whatever way is most comfortable for you. Iron- 
ically, computing will follow an old model. It’s 
one that is unsavory for humans but perfect for 
machines, and that is the many-dumb-servants 
model. The software that serves you will not 
take human form like a robot, nor will it have a 
fuzzy face and big ears. It will simply involve 
programs that sit there doing the things you 
want them to do. 


Pervasive computing is beginning to be fact: With cell 
phones, laptops and handhelds, we can work pretty 
much anywhere. How long before the transforma- 
tion that lets us do this and more, simply by talking 
to a room? Pervasive computing is easy. It’s what 
we already have, only more of it. Human-centric 
computing will take a shift in thinking, and it 
will take time for vendors to offer hardware and 


WHO HI 


MIT futurist Michael L. 
Dertouzos says making 
machines serve people, 
instead of the reverse, 
will transform the way 
we live and work. 


IS 


software that expresses it. But work in human- 
centric systems goes on. It has for some time, 
first at the University of California, Berkeley ... 


Carnegie Mellon University, Georgia Institute of 


Technology [and] the University of Washington. 
Of course, at the Oxygen Project at MIT. And a 
lot of work is being done in speech recognition 

. at IBM and Philips and Microsoft. We're 
starting to see a lot of start-ups in this area, and 
that’s always an indication of a technology that’s 
heating up. 


What will it take to cause commercial IT developers 
to embrace the concept of human-centric comput- 
ing? It’s already happening. Microsoft has an- 
nounced Hailstorm, a user-centered computer 
environment, as they call it, part of their .Net 
system. Ultimately, successful prototypes of 
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human-centered systems will cause start-ups 
and big companies to go after the new forms. 


| You say we have to change our attitudes, too, and make 
them more human-centric. What do you mean? 
Take e-mail. We have to do something or we'll 
all drown in e-mail. [One survey says that peo- 
ple] spend an average of an hour and a half a 
day on e-mail. That’s a ridiculous time, and it 
will get 10 times bigger in the coming decade, 
as new users join and current users devote 
more time to e-mail. Surely, people won’t spend 
15 hours a day on e-mail. And you can only do 
a little bit by machine. I spend an average of 
18 seconds on each e-mail, because I’ve set up 
push-button-action responses, but even so, I 
am only delaying the arrival of my total over- 
load point. We have to start using metadata 
and XML to put labels on e-mail that describe 
what’s in the e-mail messages so that we and 
our machines can select or reject the e-mail 
that comes in. Ultimately, you and I have to 
change our attitudes and trash a lot of the mail 
we get. Just because we have become intercon- 
nected, we have not acquired the right to bother 
other people with our writings, nor the obliga- 
tion to respond to them. E-mail is not going to 
change thousands of years of socialization. 


Will there be a backlash against technology? Not a 
backlash, but how much better off we'll be with 
tomorrow’s human-centered systems depends 
on the individual. Look at it this way: You can 
divide people into their principal components. I 
like to think of the individual as a four-cylinder 
car: The four cylinders are our physical, ratio- 
nal, emotional or artistic and spiritual dimen- 
sions. Most technologists run on only one or 
two cylinders, generally the rational and physi- 
cal. Humanists run on just about the same num- 
ber of cylinders: the physical and artistic. So 
if you're a technologist or a business person 
focused on planning and getting things done, 
you'll be incredibly better off with computers. If 
you're an artist, you'll be only marginally better 
off. You'll have tools to do your creative work, 
but you won't be able to write or paint better. 
And if you’re a monk, forget it. You won’t be 
better off, because spiritual activity is primarily 
internal to people. I'd like to see us all learn 
how to run on all four cylinders. To me, that’s 
what it means to be human. 


CEOs want their CiOs to be technology visionaries who 
also deliver a solid return on investment. In this 
context, how does an IT manager embrace the 
human-centric future you describe? Sorry to toot 
my own horn, but [he] starts by reading my 

book. Then, [he] browses the Web and reads 

about these other efforts I’ve told you about. 

[Then he] undergoes a total brainwash by focus- 

ing on having systems serve people, rather than 
the other way around. Look at today’s speech 
systems. What are the 200 start-ups doing with 

| speech? Can you use speech in your business? 

Then look at automation. Can you automate 

| stuff people do that does not require intelli- 

gence, so you can relieve them of this work? 

| 





Can you help your people work across space 
and time more effectively? Can you customize 
| your systems to your people’s individual needs? 
It’s not enough to say you support the ideas. 
You must show it in every action. D 
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THE VISITORS’ UNIVERSE NEEDED CUTTING-EDGE TECHNOLOGY. THIS UNIVERSE HAD IT. 


DB2 ror WINDOWS 2000 


: TWICE THE POWER OF ORACLE A FRACTION OF THE PRICE 5 


IT’S A DIFFERENT KIND or WORLD. 


@ business software ibm.com/db2/windows YOU NEED A DIFFERENT KIND or SOFTWARE. 
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TECHNOLOGY! i: 


HAT DO YOU LOOK FOR ina new 

desktop PC? A big, bright screen? 

Zippy new processor? Capacious | 

hard drive? Acres of RAM? Sorry, 

none of these is a real concern for 
corporate PC buyers. What they’re looking for proba- 
bly isn’t even in the machine. 

Numerous studies have shown that the price of a 
new computer is only a small part of the total cost of 
ownership (TCO). Support, maintenance and other 
intangibles contribute far more heavily to the sum. 
Those who buy desktop computers by the tens, hun- 
dreds or thousands have taken this lesson to heart. | 
When they go shopping, therefore, their list of de- 
sired features has very little to do with hardware. | 
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service in Maynard, Mass. That’s why many corpo- 
rate buyers want their machines to be able to handle 
current operating systems and anticipated new ones. 
While many enterprises use Windows 9x or NT, they 
must be able to make a possible transition to Win- 
dows 2000 or Me. In addition, any planning for three 
to five years into the future must take into account 
the appearance of even newer operating systems. 
Primarily, that means having sufficient hard disk 
space and RAM. What constitutes “sufficient” is in 


| the eye of the buyer and not in the rosy “minimum 
| requirements” offered by operating system vendors. 


Connectivity. Networked machines are a given in cor- 
porate life, and Internet-worked machines are be- 
coming a given. Buyers need machines equipped 


Buying PCs 


For 


The 


Corporate PC buyers rank flexibility 
ownership well ahead of specific hardware features. Smart 
vendors are meeting those needs. By Edmond X. DeJesus 


nter 


Smart vendors are paying attention to this and ad- 
justing their offerings accordingly. 


Hardware Necessities 
Corporate buyers recognize that certain aspects of 
candidate PCs are essential, including the following: 
Solid performance at reasonable price. Whenever you 
see magazine reviews of PCs, one editor’s choice will | 


inevitably be a supermachine to die for: primo com- | 


ponents, primo design, at a primo price. Just turn the 
page. Corporate buyers know that their users proba- 
bly aren’t mapping the human genome or plotting tra- 
jectories to Saturn. They’re doing word processing, 
order entry, sales contact management, programming 
and other essential business tasks. They need solid, 
competent machines at a reasonable price, not the lat- 
est whiz-bang. “Mainstream machines from respected 
vendors are going to do the job fine,” says Bob Jorgen- 
son, a spokesman for The Boeing Co. in Seattle. Buy- 
ers know that, so they’re not looking for more. 
Operating-system-ready. “A change in operating sys- 
tem is the most disruptive upgrade an enterprise has 
to face,” says Paul Neilson, vice president of techni- 





cal support at Monster.com, an online job-placement 


prise 


and total cost of 


| with reliable network interface cards or even wire- 


less LAN capabilities. “With fewer cables to worry 
about, wireless LANs contribute to the flexibility of 
the workplace and the simplicity of PC deployment,” 
says Matt Heller, vice president of operations at 
GoTo.com Inc. in Pasadena, Calif., which provides 
online search services to tens of thousands of affili- 
ate partners and has more than 30,000 advertisers. 
Many organizations are planning for Internet-based 
applications and need machines ready to make fast, 
reliable and secure connections. “Connection perfor- 
mance and ports are prime factors for us,” says Chris 


| Carrara, IT manager at Sartorius AG, a global lab 


technology manufacturer in Goettingen, Germany. 

Laptops as desktops. Notebook computers, whether 
docked to a keyboard and external monitor or used 
au naturel, are supplanting traditional desktops as 
the standard office machine at many companies. The 
reasons include flexibility, mobility and productivity. 
“We’re growing our business. It’s easier for IS to 
hand an employee a notebook than to install a desk- 
top,” says Heller. If employees need to move within a 
facility, or even to a new facility, it’s simpler for them 
to pick up their notebook and go there than it is to 
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pack, ship and reconnect a desktop. “Notebooks 
make it possible for employees to remain productive 
when away from the office, whether at home or on 
the road,” says Jorgenson. Of course, even deskbound 
employees can use a notebook. 

The traditional arguments against notebooks are 
their price compared with desktops, the rougher 
handling they endure and the difficulty of supporti 
machines away from the office. For many orgar 
tions, the higher price of laptops isn’t significant ¢ 
en the increased productivity and 
ment they offer. “We look for rugged notebooks that 
stand up to all environments and frequent travel,” 
says J.B. King, CIO at Fluor Signature Services, a unit 


ase of deploy 


of Fluor Corp., an engineering and construction firm 
f. Standard testing for notebook 
art of vendors’ pitches. 


in Aliso Viejo, Cal 
robustness is becoming 

Finally, buyers tend to favor vendors who can 
demonstrate painless nationwide — and worldw 
— support for their machines. 


However compelling a machine's technology, cor- 
porate buyers won't touch it unless its vendor can 


TECHNOLOGY 


y essential nontechnology requirements. The 
following considerations all contribute to reducing 
total cost of ownership: 

Ease of purchase and deployment. Buyers want pur- 
chasing to be an easy process, and you'd think ven- 
dors would feel the same way. However, while some 
sat efforts in smoothing the 
potholes in their ord sses, others haven't. 
Vendors that offer online ordering and extranet sup- 
port for customers are more appealing to buyers. 

“The ability to track orders onl 
to delivery 
Group In 
Norwalk, Cor 
that offers such tracking. Sp 
rapid deployment to employees, 
delivery boosts global rollouts. 

Besides getting it fast, corporate buyers want to get 
it right, too. Vendors that offer buyer-specific ha 
ware configurations, such as Compaq Computer 
Corp. and Dell, earn the gold stars here. “It’s impor- 
tant that we are able to supply standard configura- 
tions to remote sales partners with nationwide sup- 
port,” says Rick Beardsley, IT director at Indoff Inc., 


vendors have made 


ing proc 


e from inception 
s a plus,” says Joe Puglisi, CIO at Emcor 
. a global construction conglomerate in 

n. Dell Computer Corp. is one supplier 
ed of delivery aids in 

d international 


gid tee ttt ee 
Oe Ur emi 
and consistent,” says 
BT ate) Oe 
Emcor Group Inc. 


1 


a fast-growing drop-ship distributor 
iSO Saves tll 


Software preco 

sures uniformity. 
“Dell allows us to create 

software — operating 

even our own customized and proprietary apps — 

that they then load onto n bef 


guration a 


chines t they s 
says Neilson. This saves the systems ft f load 
ing and testing the software themsel 
ing off to the employees. 

Stable platform. All this precon 


worth a whistle if a product line char 
worse, ceases production. Corporate 
product lines that don’t change, w1 
to the vendor tendency to consta 
dle with machines in the never-endi 
momentarily, the best. “We prefer product 
are uniform and consistent,” says Puglisi 

King concurs, addi 
we can keep buying for at least 18 
blame them. Every component cl 
er driver to keep track of, another 
and support, another potential glitch to bog down IT 
staffers and rev up the cost meter. 


1g race to 
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Stability is important for other reasons, too. One 
goal of a successful corporate PC purchase is to min- 
imize the impact on the user. Ideally, the employee 
should be able to start using his new machine as 
soon as he gets it, with no down time or lost produc- 
tivity. This implies minimal change for the user. The 
more the new computer looks and acts like the old 
computer, the better. Most buyers are shooting for a 
low learning curve and a simple migration. That’s be- 
cause organizations realize that even if they don’t 
have a budget for new computer instruction, they 
still have to pay for that education. If they reduce 
that cost, they have a winner. 

Platform stability also influences service and sup- 
port, especially with regard to spare parts. “It’s no 
good maintaining a complete inventory of spares we 
can rapidly swap in and out if the new machine does- 
n't use the same components,” says Heller. Vendors 
who shop around to buy equivalent parts for the ma- 
chines they sell may be saving money in one way. 
However, to corporate buyers, nothing short of iden- 
tical machines will meet their criteria for simple sup- 
port. They’re going to look under the hood, and 
they'd better see the same thing every time they do. 

Service and support. Corporate buyers aren’t interest- 
ed in 30-minute waits when they call a vendor's tech 
support hotline. If they don’t get fast and accurate 
resolution of all difficulties, they'll take their busi- 
ness elsewhere. If a vendor has been doing its home- 
work, it will be using the known hardware and soft- 
ware configurations of the machines provided. In 
this way, the uniformity of product line and the de- 
tailed preconfiguring of machines can work to the 
vendor’s advantage. 

Vendors like Dell shrewdly enlist the buyer’s own 
staff to provide expert frontline service for their ma- 
chines. An online system of training allows company 
employees to earn certified technician accreditation. 
This is a major win-win strategy. It allows customers 
to get the fastest service and support imaginable, 
since their own employees are providing it. That gets 
users up and running again fast. It also allows the 
vendor to minimize calls and on-site visits. The Dell 
program has an additional plus. “Once an Emcor em- 
ployee becomes an official technician, they can order 
spare parts more rapidly and simply than by going 
through the usual channels,” says Puglisi. 

Vendor support should be ubiquitous. If a corpo- 
rate buyer sees a vendor with only a handful of ser- 
vice locations, he’s going to look for another vendor. 
Organizations want to make sure that their users can 
get service wherever they may be, especially on the 
road. Some vendors arrange for extranet support so 
remote users can obtain access to software and other 
files from the Web. That can save a lot of time and 
difficulties on both ends. 

Global presence. Many corporations have an interna- 
tional presence and prefer vendors that are also glob- 
al. Part of this involves support: Companies want 
their overseas travelers to have vendor locations 
nearby. However, more of it has to do with initial de- 
ployment. If a company is opening an office in a new 
country, managers don’t want their employees twid- 
dling their thumbs waiting for PCs shipped from the 
home office. They want a local vendor representative 
who can provide the same machine as the folks back 
home. Vendors that can substantiate claims to inter- 
national availability have great leverage. 

“One reason we chose Toshiba is their truly inter- 
national scope,” says GoTo.com’s Heller. “As we ex- 
pand globally, we can be confident our people are us- 
ing the same devices and getting the same support, 
everywhere.” 
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Relationship. Don’t we all want someone we can 
trust? Corporate PC buyers are no different. They 
want a vendor they can build a relationship with, and 
that involves qualities beyond price and components. 
After all, a company relies on a vendor’s products to 
support its business. Shouldn’t the two parties treat 
their dealings with each other as more than a trans- 
action? “One [chief technology officer] of a major 
outsourcing provider ranks a trustworthy and de- 
pendable relationship as one of their top criteria,” 
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says Richard Cheston, director of manageability at 
IBM’s Personal Computing Division. 

Some vendors clearly don’t think so. They want to 
move boxes, period. However, for those vendors will- 
ing to make a commitment, corporate PC buyers are 
more than ready to reciprocate. They'll do almost 
anything to lower TCO. D 


DeJesus (dejesus@compuserve.com) is a freelance tech- 
nical writer in Norwood, Mass. 


Corporate PC Buyer’s Checklist 
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Includes wireless LAN? 


Tiere Teg 


TOTAL COST OF OWNERSHIP 


AOC CU Rm Regia QO Yes ONo 


etm iret ed Yes ONo 


Customer access to extranet? Yes ONo 


eta a ea Q Yes QNo 


Customer-specific configuration? Yes ONo 


ST emcee Lig O Yes ONo 


Product available long term? Yes ONo 


Same product components? Yes ONo 


ecu @-U ETE le) eRe ely ied Q Yes ONo 


OES eee (ele Yes ONo 


Support available globally? Q Yes QNo 


Train customer technicians? QYes QNo 


NTE EPL Ri ie Yes ONo 


Be Cee NEUP meng Q Yes ONo 


CRC r MR Um Cl ee Q Yes OONo 


Vendor 2 Vendor 3 


Q Yes ONo Yes ONo QYes ONo 


QYes QNo Yes UNo QYes ONo 


Q Yes ONo Yes ONo QYes ONo 


QO Yes QNo Yes OONo QYes ONo 


QO Yes ONo Q Yes OINo Yes ONo 


Yes UONo Yes OONo Q Yes CINo 


QYes OCINo Q Yes CONo Yes OINo 


QYes UONo Yes OONo Yes ONo 


Yes ONo Yes ONo Yes QONo 


Yes QONo Yes QNo Yes QNo 


Q Yes ONo Q Yes QNo QYes QNo 


QO Yes QNo QYes OINo Yes QNo 


Yes ONo Yes QNo OYes QNo 


Yes QNo Q Yes GNo Yes QNo 


QYes QNo Yes ONo QYes QNo 


aS ee ee oo 





250 PEOPLE WHOSE IDEAS 
YOU'D LOVE TO STEAL. 


(HEY, WHY NOT DO IT OVER DRINKS?) 


Announcing the 2nd Annual http://ctoforum.infoworld.com 







The CTO Forum is the only event of its kind, created by CTOs for CTOs. For three days, an elite group of 250 of the movers FLOR TLCais 
MUA esac ACeM COULD Le) elle Mele SAVM TTR MeL OO COR OULU MORSE LULORUUCOUMUINS LL ACCU L eS) | TAN UN LACUNA 
SEAMEN TN CMMI Are) AMON ALCS OOO LMC Mae LLCO YOU San Francisco. 


Request an invitation now to the Ultimate Peer-to-Peer CTO event. Go to http://ctoforum.infoworld.com today. 


om EEAINSTS Benen seni ihaamasnnehengoamhangetins 








Industry-leading speakers include: | Among the topics to be discussed are: 
CN enamels Peer-to-Peer Working in Real Time 5 
Bill Raduchel, CTO, America Online, Inc. Strategies for Corporate Transformation uuied/g ctoforum.infoworld feu) 


Ray Ozzie, Chmn., Pres. and CEO, Groove Networks Apps on Tap: Building the Virtual Global Entity 





PARTNER SPONSORS CONTRIBUTING SPONSOR 


G c 
INTERNET Rational ky ORACLE @ VIGNETTE 


SECURITY 
SYSTEMS 


SOFTWARE POWERS THE INTERNET 


NetworkAppliance’ 





TECHNOLOGY 


Virus signature updates are 

a continuing headache for 
security managers, who want 
better tools. But can vendors 


deliver? By Robert L. Scheier 


OD security man 
Bakker can’t be too 


As senior security architect 
at eHealthDirect Inc., a Lex 

ington, Mass.-based health care appli 
cation service provider, he’s responsi 
ble for safeguarding sensitive health 
» claims data. Like many security 
professionals, he uses antivirus prod 


from several vendors to be sure he 


always gets the latest virus patches and 
descriptions 

His problem, though, is making sure 
all of the updates from all of the ven 
dors are distributed at the right time to 
the more than 150 workstations and 
approximately 50 servers on his net 
work. He and one staff member must 
do much of that work manually, which 
chews up time and can lead to errors. 
‘There are a dozen or more companies 
manufacturing antivirus-type prod- 
ucts. It would be really nice to see all 
of those companies get together and 

>a common console” to help man 

age the update process, says Bakker 

But until antivirus vendors release 
such a tool, security administrators 
must rely on a hodgepodge of update 
tools, manual procedures and a “de- 
fense in depth” strategy that extends 
to servers, such as those that 


handle e-mail, in hopes of catching 


viruses before they hit the desktop 

Most antivirus tools today work by 
scanning for specific known viruses, 
looking for “signatures” such as par 
ticular file names or certain types of 
e-mail attachments. But with as many 
as a dozen major vendors issuing regu 
lar signature updates, keeping hun 
dreds of desktops and servers up-to 
date can be more work than busy sup 
port staffs can handle. And some an 
tivirus products also require updates 
for the engine that scans for viruses 

Jesper Johansson, an assistant pro 
fessor of information systems at 
Boston University, cites one major 
company, which he declined to identi 
fy, whose PCs’ virus lists haven't been 
updated since the machines were de 
ployed 18 months ago 

According to John Pescatore, an ana 


lyst at Stamford, Conn.-based Gartner 


Inc., “At Gartner, we're declaring signa- 


ture-based antiviral [protection] at the 


desktop to be dead. It’s providing near- 
zero value today, mainly because of the 


lag in updating the signatures.” 
Updating is easier on servers be- 
cause there are fewer of them than 


there are desktops or notebooks, and 


servers spend more time linked to the 


Web, where they can capture virus 
updates distributed by vendors. But 
security managers must still make 


sure every system has the proper up 
dates to protect their companies from 
hackers 

Sean Mahon, manager of security at 
an East Coast financial services firm, 
estimates that he’s able to keep 97% of 
his Windows-based systems up-to-date 
with the latest virus definitions from 
Symantec Corp. in Cupertino, Calif. 
“I want to bring it up to 99.9999%,” he 
says, adding that he wants to automate 
the update process to stop virus at 
tacks more quickly 


Rising Threat 


The need for up-to-date virus pro 
tection is greater than ever before, say 
security managers and analysts, be 
cause of the increasing importance of 
e-commerce and e-mail, which expose 
corporate systems to more hackers. 

Some newer viruses can infect sys 
tems running Microsoft Corp.’s Out 
look and Outlook Express e-mail 
clients when a user first opens an in- 
fected e-mail, unlike earlier viruses 
that required users to open attach- 
ments, says Brett Eldridge, co-founder 
of OneSecure Inc., a Denver-based 
firm that builds and manages secure 
networks. Microsoft has issued a patch 
against such attacks, he says, but “you 
have to distribute that patch to all your 
users,” including those who aren't 
linked to the corporate network. 

Buying and distributing updates 
from multiple vendors may be a head- 
ache, but it’s crucial that you get the fix 
for any future virus as soon as it be- 
comes available. “I can’t rely on just 
one manufacturer,” because it’s impos 
sible to know which vendor might 
come out with the solution to the next 
Melissa virus fastest, says Bakker. 

With all this manual work, it’s no 
wonder security administrators long 
for a single tool that would let them 
schedule virus updates, coordinate 
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their rollout and confirm when they’ve 
been completed. 

Several leading antivirus vendors 
say they have no plans to develop such 
a cross-platform console. “There is no 
need for multivendor antivirus” pro- 
tection, because the major antivirus 
vendors issue patches for new viruses 
“within a couple of hours of each oth 
er,” says Gary Ulaner, group product 
manager for Symantec’s Norton Anti- 
Virus Corporate Edition. Besides, he 
adds, any vendor that built such a con- 
sole “would be basically admitting that 
their full complement of products is 
not a good approach.” 

However, McAfee, the antivirus divi- 
sion of Santa Clara, Calif.-based Net- 
work Associates Inc., plans to take the 
first step toward such a console, with 
the expected release of Version 2.0 of 
its ePolicy Orchestrator this month, 
says product marketing manager Ryan 
McGee. It will provide a networkwide 
view of which client machines are pro- 
tected not only by McAfee but also by 
Symantec and Cupertino, Calif.-based 
Irend Micro Inc., he says, with future 
releases possibly adding the ability to 
monitor servers and other devices to 
determine if they have updated virus 
descriptions. But producing a console 
that could actually manage tools from 
multiple vendors would require closer 
cooperation among antivirus vendors 
than exists now, McGee says. 


Making Do 


In the meantime, security managers 
are using a mix of vendor-specific up- 
date tools, manual processes and some 
third-party software to perform virus 
updates. One method is to download 
the latest antivirus definitions as part 
of the user’s log-in to the network. 

Andy Benson, network manager at 
Schwartz Communications Inc., runs 
the Norton AntiVirus product for Net- 


MANAGING THE 
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It would be really 
nice to see all of 
those [antivirus soft- 
ware] companies get 
together and have < 
common console. 


PHILL BAKKER, SENIOR SECURITY 
ARCHITECT, EHEALTHDIRECT INC. 


TECHNOLOGY 


Ware and for Windows NT at the Wal- 
tham, Mass.-based public relations 
agency. Every Monday, he makes the 
download of any available virus up- 
dates an optional part of the log-in 
process for his 200 users, which he es- 
timates keeps 90% of his client sys- 
tems updated. While the updates take 
too long for most remote users, he 
says, those systems are usually updat- 
ed when a user returns to the office 
For each antivirus product, security 
managers can use the management 
console included within the products, 
such as the Symantec System Center 
central management console and 
McAfee’s ePolicy Orchestrator. Compa- 
nies running Microsoft Corp.’s Systems 
Management Server (SMS) can use 
software distribution tools written for 


SMS, such as Cognet 3.5 from Cognet 
Corp. in Valhalla, N-Y. Mahon uses both 
an update written into the log-in script 
and the Cognet tool to distribute virus 
definitions to his users. 

Another option, says Eldridge, i 
Mountain View, Calif.-based Marimba 
Inc.’s change management tools based 
on its Castanet and Timbale content 
distribution technology. 


Developing a Strategy 

Until someone discovers the Holy 
Grail of antivirus management, analysts 
and security managers recommend 
making antivirus updates as easy as 
possible for users by creating a defense 
that doesn’t rely only on desktop an- 
tivirus updates, along with fine-tuning 
your procedures for finding and stop- 
ping virus outbreaks. This approach re- 
quires “putting in multiple layers of se- 
curity, so if one fails, another one will 
catch something,” says Eldridge. 

Besides putting antivirus packages 
on every client, for example, many 
administrators use virus scanners on 
e-mail servers. Keeping client-based 
scanners up-to-date is vital, because 
viruses in encrypted e-mail can escape 
server-based scanners, Eldridge says. 

Eventually, the need to perform such 
cumbersome updates at the desktop 
will fade as antivirus vendors produce 
tools that identify viruses by detecting 
their suspicious behavior, not by com- 
paring them to a list of known virus 
signatures. 

Pescatore predicts that such behav 
ior-based tools will be most popular 
on harder-to-update desktops and 
notebooks. Signature-based antivirus 
tools will continue to be used on e-mail 
and other servers, he says, because it 
takes less processing power to scan for 
a list of known viruses than to dynami- 
cally analyze the behavior of incoming 
files or e-mail. 


My Kingdom 
For a Console 


IT managers say they want antivirus 
management tools that can 


= Coordinate and manage antivirus 
updates from multiple vendors 


@ Monitor client and server hardware 
for current antivirus definitions and pr 


vide reports to security managers 


= Coordinate, schedule and quaran 
tine updates automatically until they're 
checked for safety 


w Provide alerts when new antivirus 
definitions are released, and take pre 
ventive measures (SUCN as DIOCKINgG 
certain e-mail attachment types) while 


ting for vendors to release virus 


patches 


McAfee’s Outbreak Manager tech 
nology, which ships in several of the 
company’s antivirus tools, allows ad- 
ministrators to define suspicious be- 
havior, such as when an e-mail attach- 
ment tries to read a user’s e-mail ad- 
dress book, and to define which ac- 
tions to take if the behavior is spotted 
Symantec already ships its Blood 
hound technology, which examines 
code for suspicious behavior, in the 
scanning engine used throughout its 
product line, says Ulaner. 

But such heuristic tools wil 
complement rather than ref 
ture-based antivirus weapons for the 
foreseeable future, observers say. And 
that means security managers will 
keep searching for easier ways to keep 


their antivirus weapons up-to-date. D 


Scheier is a freelance writer in 
Boylston, Mass 
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Start-up Profits From 
E-Legal Activities 


DataCert automates the bill tracking 
process for corporate legal departments 


BY AMY HELEN JOHNSON 

HE HOME DEPOT 
Inc. receives 8,000 
legal bills every 
month, says Libby 
the 


chief systems specialist in the 


Troughton, 


building supply retailer’s legal 
hat ; 
makes it 


volume of 
difficult to 
which 


department 
paper 
monitor the law firms 
Home 


case 


Depot pays on a per- 


basis. So Troughton is 
working on a with 
DataCert Inc 


bill presentment and payment 


project 


to automate the 


processes 
The will 


Home Depot a way to collect 


new system give 
and analyze its billing data, she 
says. It will also help the At- 
lanta-based retailer save mon- 
ey by reducing the number of 
clerical employees needed to 
chores, 


handle accounting 


monitoring compliance with 


corporate guidelines — such as 
checking that outside firms ad 


here gotiated rates for 
things like faxing and making 
copies, and cutting checks 
faster so the company can earn 


discounts for speedy payment 


Setting a Precedent 


Although legal departments 
have wanted to move to elec- 
tronic billing for years, there 
isn’t a common document for- 
mat used throughout the in- 
that the 


process, says Eric M. Elfman, 


dustry will ease 
president and CEO of Hous- 
DataCert. Many 


small law firms still generate 


ton-based 


unique paper invoices, he says. 
By acting as a middleman 

validating and reformatting le- 
gal invoices to comply with 
XML data like the 
Legal Electronic Data  Ex- 
change Standard 2000 — Data- 
ShareDoc/Legal Web 
service can offer customers the 
XML-formatted data 
necessary for online 


schemata 


Cert’s 


clean 
that’s 
transactions. 

Elfman says that the Share- 
Doc/Legal service works even 
if the source document is a 


print file. All DataCert needs is 


a digital representation from 
which to scrape data; it will 
generate a translation scheme 
from the outside 
file 


client’s format 


to convert 


counsel's format to the 


Law firms can send bills to 
their corporate clients by log 
ging onto the ShareDoc/Legal 


which 
should receive the bill 


Web 
client 
and then uploading the docu 
ment. ShareDoc/Legal 
the translation and validation, 
then sends the resulting XMI 


site, choosing 


does 


data to the client company. The 
law firms don’t have to install 
any hardware or software. 

Web 
says Elfman, DataCert can en 


By using a interface, 
force security through public 
key infrastructure encryption 
and digital certificates without 
modifying the law firms’ sys 


CEO ERIC M. ELFMAN says DataCert has plans to move into new 
markets such as health care and insurance. 


DataCert Inc. 


Location: 3100 Timmons, Suite 
310, Houston, Texas 77027 


Telephone: (713) 572-3282 


Web: www.datacert.com 


The technology: Secure legal 
invoice and document exchange 
Why it’s worth watching: Data- 
Cert's technology translates invoic- 
es into standard formats for easier 
processing. Security features en- 
sure document integrity. 
Company officers: 

¢ Eric M. Elfman, co-founder, presi- 
dent and CEO 

* Eric A. Smith, co-founder and 
chief technology officer 

° Geoff S. Elfman, co-founder and 


¢ April 1998: Company founded 

¢ January 1999: ShareDoc/Legal 
launched 

August 1999: UPS-branded ver- 
sion of ShareDoc debuts 





¢ July 2000: First 
round of venture 
funding 


Employees: 26; 
workforce growing 
at 500% per year 


Burn money: $7.7 mil- 

lion from United Parcel Service Inc 
angel investors and co-founders 
Products/pricing: ShareDoc/Le- 
gal service costs $18,000 per year 
for corporations, $2,000 per year 
for outside counsel firms; Web- 
Manager, $15,000; FlowManager, 
$50,000 

Customers: AT&T Corp., The 
Boeing Co., Compaq Computer 
Corp., Philip Morris Cos. and others 
Partners: UPS, Elite Information 
Group Inc., RSA Security Inc., 
Compinfo Inc. and Bridgeway Soft- 
ware Inc. 


Red flags for IT: 

Product doesn't integrate with 
back-office financial systems. 

© Software currently works only with 
Windows-based systems. 


PUTE 
o™ Ry 


tems. Because it uses encryp- 
the 


ensure 


tion throughout system, 
DataCert the in- 
tegrity of any document trans- 
ferred through ShareDoc/Le- 


can 


gal, including pleadings, briefs 
and depositions. These docu- 
ments un- 
touched, with no translation or 


pass through 
formatting required 
ShareDoc/Legal works with 
DataCert’s Windows 2000- 
based WebManager and Flow- 
Manager software. WebMan- 
ager is an XML viewer applica- 
tion that lets legal departments 
see invoices. FlowManager 
routes billing data and handles 
Data- 
Cert has integrated its soft- 
with the management 
systems most commonly used 


the approvals process 
ware 


by legal departments, says Elf- 
man. That 
like Home Depot to directly 
information bills 


allows customers 


enter from 


into those systems for analysis. 


Integration Issues 
The that 
products can be 


DataCert’s 
integrated 


fact 


with existing systems is a key 
part of the company’s value, 
says Matthew Kovar, an analyst 
at The Yankee Group in Bos- 
ton. Because legal departments 
generally aren't technically so- 
phisticated, he says, DataCert 
can get them running more 
quickly than if they built a sim- 
ilar system in-house. 

But DataCert doesn’t inte- 
financial 
Kovar, so 

© users must use existing 

payment methods. In 

the future, 

les companies may use 

DataCert to make it ap- 

pealing for someone to 

partner with the company ona 

payment system, he says. But 

DataCert’s executives aren't 
planning on that integration. 

Elfman the 


grate into sys- 


% tems, says 


enough 


says company 


plans to expand the number of 


platforms that WebManager 
FlowManager 
The products currently run on 
Windows; Elfman 
wants to target Unix. 

The company also plans to 
expand into new niches. The 
secure communications tech- 
nology is agnostic, says EIlf- 
man, so DataCert can easily 
move into markets that aren't 
yet moving much of their data 
electronically, such as insur- 
ance and health care. D 


and support. 


says he 


Johnson is a Computerworld 
contributing writer in Seattle. 
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the buzz 


STATE OF 
THE MARKET 


Legal Maneuvers 


DataCert is in a hot market, and its focus 
on the legal niche is smart, says Matt Ko 
var, an analyst at The Yankee Group. He 
estimates that the market for secure 
content delivery will grow from an esti 
mated $450 million this year to more 
than $2 billion in 2005. The market en 
compasses everything from copyrighted 
material to proprietary business infor 
mation to bill presentment and payment 

The market is ina hypergrowth 
phase, says Kovar, pushed by business 
es wanting to digitize a wide variety of 
material and transmit it via the Internet 
No single technology has emerged as 
the de facto standard, but encryption, 
authentication and receipt notification 
and confirmation are key elements of 
any system, he says 

Kovar says he also likes DataCert’s 
plan to expand into insurance and med 
ical niches. Organizations in those fields 
have big budgets and high-value trans 
actions, with high privacy and confiden 
tiality needs, he says. “They're ce 
ripe for this environment,” says Kovar 

DataCert has limited competition, he 
adds. One group includes systems inte 
grators that build extranets. But in the 
realm of secure document delivery, no 
other company has exactly the same 
service, he says, although DataCert has 
ompetitors in both the bill presentment 


and document transmission markets 


RealLegal Inc. 
Denver 


www.documentforum.com 


RealLegal doesn't compete with Data- 
Cert in the area of bill presentment and 
payment, but it does have services for 
the secure transmission of legal docu- 
ments. The electronic transcription ser- 
vice will deliver documents from a court 
reporter via e-mail or on diskette. Elec- 
tronic signature technology verifies the 
integrity of the document. RealLegal 
also offers Web-based products for 
sharing transcripts and depositions 


MessagingDirect Ltd. 


Edmonton, Alberta 
www.messagingdirect.com 


MessagingDirect's M-Bill billing soft- 
ware competes with DataCert's prod- 
ucts, but itisn't directed specifically at 
the legal community. The bill arrives in 
the customer's e-mail and incorporates 
payment options and procedures, unlike 
DataCert’s ShareDoc/Legal. Like Data- 
Cert, M-Bill also authenticates the user's 
identity and ensures the integrity of the 
document being delivered. 

- Amy Helen Johnson 
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r’S NO SECRET that cor- 
porate IT systems are 
constantly threatened by 
hacker attacks and virus 
outbreaks. But only re- 
cently have companies come to 
realize the potential dollar 
costs of security lapses. 

“The really bad security 
breaches that would make the 
hair on the back of your neck 
stand up are not being report- 
ed [in the media],” says David 
Foote, a managing partner at 
Foote Partners LLC, a New 
Canaan, Conn.-based research 
and consulting firm specializ- 
ing in the IT workforce. “But 
companies know about them, 
and they’re scared.” 

As companies place an in- 
creased emphasis on security, 
says Foote, the role of the se- 
curity professional is changing | 
from a strictly back-office IT 
support role to one that’s 
strategically tied in with the 
entire company. 

“The stakes are high,” says 
Foote, who is also a Computer- 
world columnist. “And the 
higher the stakes get, the more 
[security] is a business issue.” 

That means security profes- 
sionals, especially those in 
top-level positions, will not 
only have to master technol- 
ogy to protect a company’s IT 
systems, but they will also 
need to understand a com- 
pany’s entire business and be 
able to pinpoint which secu- 
rity breaches most threaten its 
bottom line. 

Here’s someone who's doing 
just that and is exactly the 
type of security professional 
companies will need most in 
the years to come. 


Name: Chuck Ryan 
Title: Director of information 
security 
Company: Molex Inc., a 19,000- 
employee manufacturer of 
electrical and fiber-optic con- 
nection systems in Lisle, Ill. 
Previous experience: Ryan is one 
of those experienced hands 
who were there in the early 
days of corporate IT and have 
watched their careers grow 
since. He graduated in 1982 
from The Citadel in Charles- 
ton, S.C., with a bachelor’s 
degree in math and computer 
science. He was soon installing 
and tuning early-model oper- 
ating systems at companies 
such as Pittsburgh-based alu- 
minum giant Alcoa Inc. 

In the early 1990s, when the 
field of IT security was just 
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‘The New 
Security Pro 


As IT security becomes a major priority 
for most companies, the role of the security 
professional is changing. By Zachary Tobias 


CHUCK RYAN 


Job title: Director of information 
security 

Company and location: 

Molex Inc., Lisle, Ill 

Nature of his work: Sets security 
policy and performs internal audits 
to make sure security guidelines are 
followed 

How he got the job: Ryan was 
contacted about the position by 

a recruiter specializing in placing 
security professionals. 

Skills required: Thorough knowl- 
edge of IT infrastructure and IT 
security technology like firewalls 
and antivirus software is a must 

But Ryan says that good writing, 
communication and business skills 
are also indispensable for anyone 
setting security policy 


Training needed: Ryan's only 
formal degree is a bachelor's de- 
gree in math with a focus on com- 
puter science, which he got in the 
early 1980s. He picked up most of 
his skills on the job, which he says 
is true of most security profession- 
als. Becoming a Certified Informa- 
tion System Security Professional 


being born, Ryan landed a job 
as a data security administrator 
at Glaxo Inc., a pharmaceuti- 
cal company in Research Tri- 
angle Park, N.C. He set secu- 
rity policy for a workforce of 
approximately 70,000 at Glaxo. 
Ryan’s experience gave him 
a thorough knowledge of the 
technical side of security, for 
example how to combat virus- 
es and set up firewalls. He 
says those skills are important 
for anyone in the profession. 
But he also emphasizes the 
importance of good communi- 


“THERE'S no end to what | could do careerwise,” says Molex’s Chuck Ryan. 


four years upped the number 

of job offers he gets, and he advises 
other security professionals to get the 
certification 


Salary potential: Ryan says 
most security professionals earn 


$100,000 to $200,000 per year 


cation and business skills. 

“Tools come and go,” Ryan 
says of security technology. 
“But policy is the foundation, 
what makes things happen.” 
Responsibilities: At Molex, Ryan 
decides what the company’s 
security policies will be, relays 
them to employees and does 
internal audits to make sure 
those guidelines are being 
followed. 

To protect the company 
from virus attacks, for exam- 
ple, Ryan decides what anti- 
virus software will be installed | 


Career path: “There's no end to what 
| could do careerwise,” says Ryan. He's 
constantly getting job offers, since 
security professionals are in such high 
demand. His mix of writing and techni- 
cal skills also sets him in good stead 
for a wide range of other business 
roles. 


on employees’ computers and 
also writes instructions that 
employees at all levels of the 
company can understand. 

Ryan says many security 
professionals make the mis- 
take of focusing too narrowly 
on technology. He works 
closely with departments 
across the entire company to 
make sure that his policies are 
actually accomplishing what 
they’re supposed to. 

That’s especially challeng- 
ing — and important — ina 
global company like Molex. 


Predicting how workers wil 
deal with something like a 
virus outbreak is easier said 
than done when you have 
offices as far away as Ukraine 
and Singapore, Ryan says 
“You always have a precon- 
ceived notion of how the orga 
nization works,” says Ryan. 
“But you have to go [to each 
ountry] to understand exact 


ly what is going on.” 


did. Shortly after he was hired, 
he toured Molex offices in 
Asia, Europe and Latin Amer- 
ica. He found big differences 
in the way offices in different 
countries used technology 
variations that would have to 
be accounted for in the com 
pany’s security policies 

For example, a security pol- 
icy might tell employees to go 
to an IT help desk when they 
encounter a virus attack, but 
the instruction won't make 
much sense in an office that 
uses roving IT support profes- 
sionals instead of help desks, as 
Ryan found in some of the for- 
eign offices he visited. 

Now, Ryan sends his new 
policies to managers through- 
out the world for review. He 
also keeps in close contact 
with those managers by tele- 
phone and e-mail to make sure 
the policies are effective. 

Working 
borders takes strong cross- 
cultural skills, says Ryan, but 
he also needs to be a good 
communicator and leader at 
the home office. 

As the only employee 
specifically charged with IT 


security, he works especially 


Across natio 


closely with infrastructure 
managers and systems ana- 
lysts to make sure they’re 
making security a priority. He 
says he’s a strong believer in 
the notion that security should 
be integrated into the work of 
the entire IT team and not 
limited to security specialists. 
“I’ve been in environments 
where... 


between the two groups,” 


there was a barrier 


Ryan says. “The security folks 
would almost talk down to the 
infrastructure group. You 
don’t get anything done ina 
situation like that.” D 

Tobias is a freelance writer in 
Santa Cruz, Calif. 


MOREONLINE 


For more security-r ew 
resources and interact 


www.computerworld.com/security 
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If you're an IT professional who's tired of playing industry catch up and 
want to get ahead of the game, look to Ajilon. As a frontrunner of 
information technology services, our people are always in demand 
Our clients span a wide variety of industries so you'll benefit from a 
challenging, varied environment. And with a steady flow of new projects 
you'll have the stability that many consultants dream of. At Ajilon we 
don't just invest in technology, we invest in people. Visit us on the web 


at www.ajilon.com. You'll see we're taking information technology into 


the future. And we'd like to take you with us 
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potential employers, 
“Come and get me.” 


» 2001 Dice.com 


the ONE 


SALES EXECUTI 


SOFTWARE ENGINEERS 
IT PROJECT ENGINEERS 


o: ONE, Inc., Corporate 


Headquarters, 2895 Greenspoint 
Parkway, Suite 500, Hoffman 
Estates, IL 60195. Or apply 
on-line at: www.oneco.net 


An Equal Opportunity Employer 


Cyber Solutions Internationa! 
Corp has adiate, full-time 
opportunities for both entry-level 
and experienced Programme’ 
Programmer Analysts, Systerr 
Analysts, Software Engineers 
DBA's and Software Consultants 
with any of the following skills. 


“Informix or Unix *SQL or Server 

GUI *DB2, CICS or COBOL 
*Visual Basic “OOD °C, C++ or 
Visual C++ “Oracle or Sybase 
“MFC “Access or PowerBuilder 
*CORBA “WinNT “SAP HR/SD, 
Fil-CO/Basis/ABAP “Java, EJB 
Weblogic 


Bachelor's or Master's degree 
required, depending on positiot 
We also accept the foreign edu 
equ. of the degree, or the degree 
equ. in edu. and exp. Excellent 
benefits. send confidential resume 
and salary requirements to: Attn 
Cyber Solutions International 
Corp., Attn: HR 1050 E Duane 
Ave, Ste F, Sunnyvale, CA 94085. 
Visit our website at www 
cyberallied.com 
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that extend intellige 
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locatio of, Milpitas, We: 
Village and Pleasanton 


Engineers (Job 


Software Engineers (Job 
#00389) 
DSP mware Engineers (Job 
#00033 : 
Software Test Engineers (Job 
#00003389 
Sr. Software Test Engineers (Job 
#00000389) 


Visit Vpacket.com for more info. 
or email resumes to careers 
@vpacket.com or send resumes 
to Attn: Byron Clendenen, Sr. 
Director/HR, 1390 McCarthy 
Bivd., Dept. Star Nat 3389 
Milpitas, CA 95035. Refer to job 
code or #, pis. 
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Go to Dice. 
Click.“Announce Your Availability.” 


Start your next big IT opportunity now. 


nobody gets IT like dice. 


Shaping Innovation 


PTC (Parametric Technology Corporation) is the world’s largest 


software company with a total commitment to product develop 


ment. PTC’s software impacts every area of the product lifecycle. 


from product planning and engineering to service and support 


PTC has the following opportunities AT ALL LEVELS at 
their Needham, MA, San jose, CA, and Arden Hills, 


MN facilities: 


* Application Specialists 


¢ Implementation Consultants 


* Software Engineers 


* Quality Assurance Engineers 


Technical Support Engineers 


Application Engineers 


Localization Specialists 


Education Specialists 


To learn more about PTC’s great opportunities - 
visit our website at: WWW.ptc.com 


Infosys International, a Plainview 
NY based IT 


Notes/Dor 
t, WebF 
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++, Gentran, Commerce 
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Engg, Math, Bus. Admin, or 
rel. field while others require BS 
or equiv. as above. Pay com 
mensurate with exp. Foreign 
equiv of educ. and/or combination 
Juc/exp will be accepted 
Travel/relocation reqd. Resumes 
& salary expectations to HR, 110 
Terminal Drive, Plainview, NY 
11803. 
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Headquartered in Reno, Nevada 
Five Nine Solutions is the | 
in eTesting for eBus 
urrently have excell 
tunities in our Reno office f 


Project Engineers 
Senior Consultants 


We offer an exce nt compen 
sation and benefits kage. T 
apply, please send a cover letter 
and resume to 


Five Nine Solutions, inc 
Attn: Human Resources 
9490 Gateway Drive #20( 
NV 89511 
852-2995 
Fax: 775-852-1088 
Email: info @ fiveninesolutions.com 


We seek IT professionals with 
industry exp. (various skills com 
bination reqd.) Oracle 7.x/8, VB. 
VBScript, JavaScript, MPE-XL 
HP-UX Server, Linux, Web Design 
Unix, C++, SOL er, VAX-VMS 
COM, DCOM, etc. Pay matching 
with exp. Foreign educ. equiv 
&/or combination of educ/exp 
accepted. Travel/relocation reqd. 
Resume to Global Resources 
Mgmt., inc, 3355 NE Expwy, Ste 
205, Atlanta, GA 30341 





TEES 


HOT PLACES TO WORK: 


he element that makes or breaks information 

technology companies or professions is com- 

pelling work — a true innovation that secures a 
competitive position. And compelling work continues 
in these IT hot spots, providing new challenges and 
spawning the next generation of the IT industry 


Ahaza Systems Inc. is among those leading the 
way. The Seattle-based company is an Internet 
infrastructure company dedicated to developing 
network systems designed to keep data traffic moving 
at maximum speed. “We are focused on building a 
suite of next-generation switching and routing solu- 
tions for enterprise and Internet service providers,” 
says Kirsten Joyce, director of marketing. The compo- 
ny, whose founder Mike Almquist was the chief 
technology officer and co-founder of F5 Networks, 
began ramping up in January. “We plan to launch 
our first products in the fall.” 


To develop the new suite of switching, cacheing and 
routing solutions, Ahaza is hiring electrical engineers, 
“Our suc- 
cess depends on hiring the right people,” Joyce adds. 


hardware architects and software developers. 


“We are a well-funded startup that is working on cutting- 
edge technology. It doesn’t get much better than this.” 


Another Seattle upstart is Indaba Communications 
(the Zulu word for “conference of wise people”) 
Indaba’s goal is to develop a platform small enough 
to sit on a desktop, replaces your phone and becomes 
a complete communications appliance for control and 
connectivity for real-time simultaneous interaction with 
a large number of remotely located participants. The 
company is also developing a server and software 
backend to manage the platform and associated 
applications. “Many times, companies are focused on 
advances to previously created technology. Not so at 
Indaba,” says Tim Poole, director of human resources 
and staffing. “We are developing new and compelling 
products for the next generation of communications.” 


To develop the technology, Indaba is hiring operating 
systems engineers — “what we call kernel hackers,” 
says Poole. “We're looking for a person’s ability to 
resolve complex issues that have not yet been resolved. 
You have to be up for research and for enormous tech- 
nical challenges. In exchange, we offer challenging 
work, a great location and a company that truly 
respects its people. When we hire, we use a fairly 
rigorous process to assure the fit is equally right for 

the candidate and for the company.” 


Head south from Seattle, to Austin, and Advanced 
Micro Devices is also working hard to develop 
entirely new technologies. “We're hiring in a variety of 
areas,” says Shirley Wallace, employment 


Advertising Supplement 


manager. “We're hiring smart, bright 
people with a focus on microprocessor 


design and software development.” 
g o 


Wallace likes to say that AMD is built on solid core 
AMD values. As the primary competitor for Intel, 

customers’ success is our success. We seek to create 
and maintain lasting relationships based on trust and 
shared vision, 
to invest heavily in research and development with 

major locations in Austin, California and now Dresden 


says Wallace. The company continues 


Germany. “Supporting people has always been our 
mantra here at AMD,” she adds. “When people come 
here, they see and feel that, everywhere. As an exam- 
ple, we continue to reward performance — when other 
companies have cut back. This is also one of AMD’s 
core values — people first and products and profits 

will follow.” 


Indaba and Ahaza could fit as departments within 


AMD, which now employs 14,000 people worldwide. 


“Despite that size, we encourage people to wear 
different hats, and we keep our teams fairly small and 
agile,” Wallace explains. “We are a leading technical 
company in the flash and microprocessor businesses, 
where you must have a passion for being on the 
leading edge of technology development. You work 
along side experts at AMD, and we're dedicated to 
getting leading-edge technologies to our fab floor’s 
before our competition.” 


Head across country to Washington, D.C., and the 
mix of commercial and government sector information 
technology needs continues to support a thriving job 
market. PricewaterhouseCoopers’ Mark Bradley, 
recruiting director for the Washington Consulting 
Practice, says that while career opportunities have 
slowed in other regions, the D.C. market remains 
strong. “The D.C. metro area offers unique and 


diverse career opportunities 
because of its blend of 
commercial, government 
and Internet start-up con- 
sulting companies,” says Bradley. “This combination of 
services and industry has helped put D.C. on the 


employment map.” 


PricewaterhouseCoopers offers a full spectrum of 
services to its clients. “Working in the government 
sector gives us the opportunity to improve and, in some 
cases, change the way our government functions 

says Bradley. “We offer a wide array of technology 
services, to include e-business, enterprise application 
integration, enterprise resource planning and various 
web-based application services. We look for people 
who are multi-dimensional, who can contribute in 
multiple ways to a variety of projects and clients.” The 
firm hires new college graduates, MBA and graduate 
students, as well as experienced professionals 
Bradley states, “Unlike many consulting firms, we do 
not hire people to fill slots on a job 


hire as a new, long-term, professional relationship 


We view each 


Our consultants often move from project to project 

diversifying their skills and experience, thereby improv- 
ing their value to the firm and to the market in general 
We work hard at accurately mapping someone’s skills 
our clients 


and interests with the needs of The single 


greatest attribute we have is our people 


wEESS 
For more job opportunities in Austin, Washington, D.C. and 
Seattle, turn te the pages of ITcareers. 
© If you'd like to take part in an upcoming ITcareers feature, 
contact Janis Crowley, 650.312.0607 or 
janis_crowley@itcareers.net. 
© Produced by Carole R. Hedden 
© Designed by Aldebaran Graphic Solutions 
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~ NEWS” 


Ingersoll-Rand Offers 


Procurement Service 


Manufacturer sells in-house supply chain 
expertise to other Fortune 1,000 companies 


BY MARC L. SONGINI 
ANUFACTURING 
giant Ingersoll- 
Rand Co. thinks it 
can succeed where 

most businesses fail: in linking 

mom-and-pop suppliers to | 
large online supply chain pro- 
curement systems. 

The Woodcliff Lake, N_J.- 
based firm is internally beta- 
testing a service called The 
21st Supplier from a new busi- 
ness unit with the same name. 
The service for Fortune 1,000 | 
firms will take on the head- 
aches of tying small suppliers 


Continued from page 1 


Ariba 


procurement 
tremely diverse: Ariba holds an | 
18% market share in a space | 
with more than 90 vendors, ac- | 
cording to Framingham, Mass.- 


software is ex- | 


based research firm IDC, and 
many users have already com- 
mitted large sums of money to | 
disparate technology paths. 
“What I want to know 
Will the major vendors be able 
to put aside their egos and do | 


In the Lead 


Ariba leads in worldwide 
license revenue for online 
procurement applications 
(in millions) 


is, | 


| 
| 
| 
| 


gis9s #1999  2000* 


i2 


Note: Total market revenue was $174 million in 1998. 
$770 million in 1999 and $2.05 billion in 2000. 


to a company’s back-end in- 
ventory, planning and logistics 


systems, said Bill Lindquist, | 


business unit leader at the Tor- 


rington, Conn.-based start-up. 
Analysts say this is an inter- 


esting, innovative and poten- 


tially trendsetting move, de- 
spite the general slowdown in 
investment in electronic busi- 
ness systems. 


“Procurement is ripe for out- | 


sourcing,” said Karen Peter- 
son, an analyst at Stamford 
Conn.-based Gartner Inc. But, 
she added, although Ingersoll- 


Rand is “ahead of the curve” 


something that’s good for the 
market?” said Melissa Span- 
gler, director of e-market- 
places at Ariba customer Fleet- 
Boston Financial Corp. 

The auto sector is one indus- 
try that’s already largely com- 
mitted. Ford Motor Co. and 
General Motors Corp. bought 
14.4 million shares each in Ari- 
ba rival Commerce One Inc. in 
January as part of the equity 
structure of Covisint LLC, the 
massive automotive exchange 
founded by the Big Three au- 
tomakers. Southfield, Mich.- 
based Covisint picked Oracle 
Corp. and Pleasanton, Calif.- 
based Commerce One as its 
lead technology providers. 

However, Ariba claims Volks- 
wagen AG, Bayerische Mo- 
toren Werke AG and Honda 
Motor Co. among its cus- 
tomers, as well as Toledo, 
Ohio-based Dana Corp., the 
largest supplier of drive shafts 
and piston rings. 

Mueller argued that the Big 
Three seem more interested in 
operating Covisint “as a ma- 
nipulated puppet.” He said he 
believes that they will drop 
their support of the exchange if 
they see competitors getting 
better value with other models. 


here, “it lacks a track record 
and will probably only succeed 
serving industries it’s already 
doing business in.” 
Ingersoll-Rand is an $8 bil- 
lion firm with 100 factories and 
$4 billion per year in direct 
materials procurement. It has 
built the direct materials pro- 
curement system based on its 
own experience, with software 
Bedford, Mass.-based 
Supply Works Inc., to draw in a 
viable revenue 
said Lindquist. Via a browser, 
synchronize 


from 


new stream, 
suppliers can 
their processes to their cus- 
tomers’ planning and procure- 
ment cycles. 

Lindquist claimed that 21st 
Supplier will be able to shave 
off a significant piece of the 


“I think ultimately, GM will 
use technology to do their own 
thing, and Ford will use Oracle 
to do their own thing, and 
they'll go their separate ways,” 
Mueller said. 

Covisint spokesman 
Jankowski said the perception 
that the marketplace has 
stalled is incorrect. He said Co- 
visint has been building an in- 
frastructure “that can serve an 
incredibly large industry,” and 
it hopes to be operational be- 
fore the end of the year. 


Dan 


| No Clear Winners 


| 
| 


In the pharmaceutical indus- 
try, Ariba has captured several 
high-profile customers, includ- 
ing Merck & Co., Bristol-Myers 
Squibb Co. and Pfizer Inc. 

But some players have gone 
elsewhere. GlaxoSmithKline 
PLC in London decided to 
throw its business to FreeMar- 
kets Inc. because of the pre- 
merger relationship Smith- 
Kline Beecham had with Pitts- 
burgh-based FreeMarkets, dat- 
ing to 1999. In January of last 
year, Eli Lilly and Co. in Indi- 
anapolis chose Commerce One 


to automate the purchasing of | | 


goods and services throughout 
the company. 


20% to 30% in administrative 
and other costs incurred when 
making purchases. And instead 
of many invoices, customers 
will be able to pay just one to 
21st Supplier. 

The timing is right for this 
sort of supply 
chain project, said 
Joshua Greenbaum, 
an analyst at Enter- 
prise Applications 
Consulting in Daly 
City, Calif. But it 
will be hampered if 
it doesn’t give the 
suppliers any tools 
to manage their 
own back-end proc- 
and that 
could make it “a 
complex and 
pensive project.” 

Nevertheless, Lindquist 
said, The 21st Supplier is in ad- 
vanced negotiations with a few 
potential clients he declined to 
name. 

But it will still be a tough sell 
to many companies, such as 


planning 
esses, 


ex- 


“What this means is you're 
going to see some real fights 
for dominance in those areas, 
and the winners will set the 
standards,” said Hari Srini- 
vasan, an analyst at Banc of 
America Securities LLC in San 
Francisco. Srinivasan added 
that it will likely leave cus- 
tomers searching for the best 
of breed in a dogfight with no 
clear winners. 

Mueller, who last week re- 
placed Chairman Keith Krach 


12 Technologies Inc. last week 
announced that Greg Brady, the 
company’s president, will take over 
the CEO spot from co-founder 
Sanjiv Sidhu. 

The management change at 
Dallas-based i2 came just two days | 
after rival Ariba Inc. tapped Larry | 
Mueller, its president and chief op- 
erating officer, to replace former 
CEO Keith Krach. Like other busi- 
ness-to-business vendors, i2 and 
Mountain View, Calif.-based Ariba 
are being hit by lower-than-expect- 
ed sales that have forced them to 
resort to layoffs. 

[2 said last month that it was 


ma 
Tying It 
Together 


Ingersoll-Rand’s 2Ist 
Supplier service will 
handle the following: 


® Supply chain and 


if 


frozen food maker Anchor 
Food Products Inc. in Apple 
ton, Wis. It recently went live 
with a homegrown Web system 
that lets its suppliers check on 
production 


schedules and 


manufacturing updates from 
its J.D. Edwards & 
Co. enterprise re- 
source _ planning 
application. 
Anchor expects 
save up to $5 
million this year in 
inventory reduc- 
tions, said Craig 
Elonen, an analyst 
systems 
at the 
If Anchor 
the 
curement, it would 
the 
ship it has developed with sup- 
pliers, Elonen added. 

Down the line, it “could get 
into finger-pointing [between 
the outsourcing company and 
the suppliers] if 
went wrong,” Elonen said. D 


manager 
company. 
out- 
sourced pro- 


lose relation- 


something 


as CEO, said Ariba will be of- 
fering better business-to-busi- 
ness network connectors and 
extensions to help link trading 
partners in the coming 
months. 

Ariba is coming off a quarter 
in which it lost $48.3 million 
from operations. Revenue 
came in well below 


tions, at $90.7 million. D 


expecta- 


Linda Rosencrance contributed 
to this report. 


12 Joins Ariba in Naming New CEO 


planning to cut more than 600 
workers after its first-quarter profits 
came in at a level nearly 50% be- 
low that of one year earlier. Ariba 
said 700 of its 2,100 employees 
would be let go following a $1.84 
billion net loss in its fiscal second 
quarter and the demise of a 
planned acquisition of San Jose- 
based Agile Software Corp 

Brady, 40, has served as presi- 
dent of i2 since 1994. Sidhu will 
stay on as chairman and provide 
“ongoing direction and vision for 
the company,” according to a re- 
lease from i2 

- Todd R. Weiss 
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Privacy? Bank on It 


THE BACK PAGE 


CDANILV I | 
S/FRANKLY SI 


EAKING 


EMEMBER THE Y2K SERMON? Back in 1999, the Ameri- 
can Bankers Association wrote a sermon for preachers 
to deliver, telling the people in the pews not to panic 
over Y2k and to trust their bankers. (As bad ideas go, 
this one was a lulu — I never found one minister who 
even thought a sermon written by bankers was a good idea, much 
less one willing to deliver it.) 
Now a lobbying group backed by the ABA is claiming that data 
privacy will cost bank customers billions of dollars and hundreds of 
millions of hours of wasted time every year. This time, the bankers 
didn’t try to turn preachers into their mouthpieces. Instead, the 
Financial Services Coordinating Council sponsored a study by 
banker-friendly Ernst & Young LLP. 


The study’s breathless conclusion? Based on 
responses from 90 large financial-services orga- 
nizations, Ernst & Young says it will cost U.S. 
customers at least $16 billion and 305 million 
hours per year if the law requires customers to 
opt in for data sharing and if less than 10% 


agree to opt in. 

Did you spot the jokers in this 
deck? Let's put it another way: If 
more than 90% of Americans 
think banks sharing their confi- 
dential data is a lousy idea, it will 
cost them each 12 seconds and 17 
cents a day to do without it. 

That’s the price of privacy at 


the bank: less than 20 cents a day. 


That’s the 
price of 


closed immediately and software patches must 
be applied pronto. But it also means tightening 
up data access policies that have been getting 
looser ever since our first departmental and 
client/server systems were plugged in. 

And flexibility: We'll have to let customers 


choose how much of their data 
will be shared. It’s a lot easier to 
sell a little data sharing than a 
full boat. But in the IT shop, that 
will require more processing 
power to constantly filter data 
and lots of tweaks to enterprise 
applications to support that cus- 
tomized data handling. 

And customers will have to see 
real advantages to sharing their 


SALES STAFF at electrica 


parts distributor knows the buyer 


has added a new line of fuses 
but can’t bring them up in the 
ystem. IT pilot fish discovers 
why: The buyer has added an 
asterisk to the fron 
the new fuses’ part r 
“He told me the ast 
he uses to bring up everything 
like that’ in a search,” fish re 
ports. “So if he put the asterisk 
right in the part numbers, they'd 


be that much easier to find.” 


NEW-HIRE PROGRAMMER 
asks manager pilot fish’s help ir 
getting a new program running 
“You need a phase name for 
your program,” fish tells the 
programmer. “About 15 minutes 
later,” says fish, “the accounting 
department manager, whose 
name is Faye, wants to know 
why the programmer needs her 
name for his program.” 


REMOTE OFFICE STAFF de 
cides to upgrade its own printer 
instead of waiting a week for IT 
to help. “I know how to set up a 
printer,” staffer tells pilot fish 

A week later, fish gets a call 
They're having “issues with the 
drivers.” The drivers turn out to 
be OK, but fish finds the prob- 
lem: “They had somehow forced 
the ink cartridge in upside down 
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— 
and backwards.” She pries it ot 
and inserts it correctly. “What 
was the problem?” staffer asks 
“The cartridges were put in 
wrong,” fish says. “But,” staffer 
exclaims, “those were the ones 


that came with it!” 


AFTER THAT, WHO WILL 
CARE? Transit agency is about 
to go live with a financial soft 
ware upgrade and a shift from 
VMS to Unix when pilot fish 
gets word from on high: There 
will be a disaster recovery test 
days before the switch - on 
the old VMS system. “It took 
several phone calls before | 
could get any agreement to 
postpone the test,” fish says 


JUST SAY NO TO TIME 
SHARING Trucker hits a snag, 
first trying to make a delivery, 
then trying to get into the data 
base to check on it. He calls 
headquarters, and an IT-savvy 
scheduler tries to help. “Are you 
using TSO?” he asks. “Listen 
buddy,” growls the trucker, “I 
don't do drugs!” 


Just say yes to me: sharky@ 
computerworld.com. You 
get a sharp Shark shirt if your 
true tale of IT sees print - or if it 
shows up in the daily feed at 
computerworld.com/sharky. 


The 5th Wave 


Not a very compelling argument 
to agree to data sharing, eh? 
If you think this is just a prob- 


privacy at the 
bank: 17 cents 


data — not pennies or seconds 
saved, but new products and ser- 
vices that better meet their needs 


lem for bankers, think again. Yes, 
new data privacy regulations for 
U.S. banks kick in July 1. But the 

clock is ticking for the rest of us, 
too. Sooner or later, we will have 
to deal with tighter privacy regu- 
lations, whether because of pro- 


posed federal or state laws or Eu- 


ropean requirements for dealing 

with customers across the water. 
And we (or rather, our compa- 

nies’ marketing departments) 


will never persuade customers to 


share their data just to save pen- 


nies a day. We'll have to promise a lot more — 
and every marketing promise means lots of 


work for IT. 


Security, for example: Our companies will 
have to convince customers that their personal 


a day. 


at a lower price. How will that 
happen exactly? That's for the 
business guys to dream up. But 
you can bet IT will have to make 
it happen, and fast. If we don’t 
make losing privacy worth it for 
customers, they'll just say no. 

Of course, maybe we'll all be a 
little luckier. Maybe the bankers’ 
guesstimate of 10% opt-in is just 
a little paranoid. Maybe most of 
our customers will be glad to 
share their data. 


But don’t count on it. Faced with everything 
from spam to identity theft, lots of people are 


plenty sensitive about privacy these days. So 


data will be safe, whether they opt in or out. 


That means safe from unauthorized use, but 
also safe from crackers and catastrophes. 
For IT, that means security holes have to be 


when it comes to data sharing, we probably 
won't be preaching to the converted. D 


Hayes, Computerworld’s senior news columnist, has 
covered IT for more than 20 years. Contact him at 
| frank_hayes@computerworld.com. 


“Think of our relationship as aversion of 
Red Hat Linux — I will not share a 
directory onthe love—branch of your life.” 
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